Computer-implemented method for error-correction-encoding and encrypting of a file

Abstract

A computer-implemented method for error-correction-encoding and encrypting of a file is provided. The file is split into at least two blocks. The first block is encrypted using a given encryption key. The encrypted first block is encoded twice using a first and second forward error correction code of the first block. Each subsequent block is encrypted by performing an algebraic operation. The encrypted block is encoded twice using a first and second forward error correction code for this block, wherein a cryptographic indexing function provides a set of indices used by the second forward error correction code to produce the second encoded chunk. The first encoded chunks of each encrypted block are outputted. The computer-implemented method enables secure transmission of a file content between low power devices.

Claims

1. A computer-implemented method for error correction encoding and encrypting of a file comprising: a) splitting the file into at least two blocks, b) encrypting a first block using a given encryption key resulting in an encrypted first block, encoding the encrypted first block twice using a first and second forward error correction code of the first block resulting in a first and second encoded chunk of the first encrypted block, c) for a subsequent block, encrypting the subsequent block by performing an algebraic operation with the second encoded chunk of the encrypted first block resulting in an encrypted subsequent block, encoding the encrypted subsequent block twice using a first and second forward error correction code for the subsequent block resulting in a first and second encoded chunk for the encrypted subsequent block, wherein a cryptographic indexing function parametrized by the encryption key provides a set of indices used by the second forward error correction code for the subsequent block to produce the second encoded chunk for the subsequent block, and d) outputting the first encoded chunks of each encrypted block.

2. The computer-implemented method according to claim 1 wherein the cryptographic indexing function is parametrized by the number of the respective block.

3. The computer-implemented method according to claim 1 wherein the first and second forward error correction code of the first and/or of the subsequent block are identical or different.

4. The computer-implemented method according to claim 1 wherein different cryptographic indexing functions are used by the forward correction codes for different blocks.

5. The computer-implemented method according to claim 1, further comprising shuffling symbols of the first encrypted chunk before encoding the first encrypted chunk.

6. The computer-implemented method according to claim 5 wherein shuffling of the symbols is parametrized by the encryption key.

7. The computer-implemented method according to claim 1 wherein the cryptographic indexing function is configured to provide a set of indices with a random order.

8. The computer-implemented method according to claim 1 wherein the at least two blocks of the file are equally or unequally sized.

9. The computer-implemented method according to claim 1, further comprising: receiving the first encoded chunks of each encrypted block by a decoding module, wherein decoding the first of the first encoded chunks using a forward error correction decoder and decrypting afterwards using a given decryption key, wherein the subsequent first encoded chunk is decoded using a forward error correction decoder, and is decrypted afterwards by performing an algebraic operation with the second encoded chunk of the first block, which was encoded using a forward error correction code, wherein a cryptographic indexing function parametrized by the decryption key provides a set of indices used by the forward error correction code to produce the second encoded chunk of the previously processed chunk, and outputting the decrypted and encoded chunks.

10. A computer program product, comprising a computer readable hardware storage device having computer readable program code stored therein, said program code executable by a processor of a computer system to implement a method, directly loadable into the internal memory of a digital computer, comprising software code portions for performing the steps of claim 1 when said product is run on a computer.

11. An encoding module for error correction encoding and encrypting of a file configured to: a) split the file into at least two blocks, b) encrypt a first block using a given encryption key resulting in an encrypted first block, and encode the encrypted first block twice using a first and second forward error correction code of the first block providing a first and second encoded chunk of the first encrypted block, c) encrypt each subsequent block by performing an algebraic operation with the second encoded chunk of a previously processed encrypted block resulting in an encrypted subsequent block, and encode each encrypted subsequent block twice using a first and second forward error correction code for this subsequent block resulting in a first and second encoded chunk for this encrypted subsequent block, wherein a cryptographic indexing function parametrized by the encryption key provides a set of indices used by the second forward error correction code for this subsequent block to produce the second encoded chunk for this subsequent block, and d) output first encoded chunks of each encrypted block.

12. A decoding module for error-correction-decoding and decrypting a file, received from the encoding module according to claim 11, configured to: decode the first of the first encoded chunks using a forward error correction decoder and decrypt the first of the first encoded chunks afterwards using a given decryption key, decode each subsequent first encoded chunk and decrypt the subsequent first encoded chunk afterwards by performing an algebraic operation with the second encoded chunk of the previously processed block, which was encoded using a forward error correction code, wherein a cryptographic indexing function parametrized by the decryption key provides a set of indices used by the forward error correction code to produce the second encoded chunk of the previously processed chunk, and output the decrypted and encoded chunks.

13. A transmitter comprising: a) an input module configured to input a file, b) a splitting module configured to split the file into at least two blocks, c) an encoding module configured to encrypt the first block using a given encryption key resulting in an encrypted first block and encode the encrypted first block twice using a first and second forward error correction code of the first block providing a first and second encoded chunk of the first encrypted block, and encrypt each subsequent block by performing an algebraic operation with the second encoded chunk of a previously processed encrypted block resulting in an encrypted subsequent block and encode each encrypted subsequent block twice using a first and second forward error correction code for this subsequent block resulting in a first and second encoded chunk for this encrypted subsequent block, wherein a cryptographic indexing function parameterized by the encryption key provides a set of indices used by the second forward error correction code for this subsequent block to produce the second encoded chunk for this subsequent block, and d) an output module configured to output first encoded chunks.

14. A receiver comprising: a) a receiving module configured to receive first encoded chunks from the transmitter according to claim 13, b) a decoding module configured for error-correction-decoding and decrypting, and c) an output module configured to output the decrypted and encoded blocks.

Description

BRIEF DESCRIPTION

(1) Some of the embodiments will be described in detail, with reference to the following figures, wherein like designations denote like members, wherein:

(2) FIG. 1 shows a flow chart of a computer-implemented method according to the invention;

(3) FIG. 2 shows a schematic diagram of a computer-implemented method according to the invention;

(4) FIG. 3 shows another schematic diagram of a computer-implemented method according to the invention;

(5) FIG. 4 shows a schematic diagram of a transmitter according to the invention;

(6) FIG. 5 shows a schematic diagram of a receiver according to the invention; and

(7) FIG. 6 shows a schematic diagram of a system comprising a transmitter and receiver according to the invention.

(8) Equivalent parts in the different figures are labeled with the same reference signs.

DETAILED DESCRIPTION

(9) FIG. 1 shows a flow chart of a computer-implemented method according to embodiments of the invention. The method can for example be performed by a transmitter, comprising at least one processor to perform at least part of the method steps, connected to a receiver, comprising at least one processor to perform at least part of the method steps.

(10) It can be the objective of such a setup to transmit a file F in a secure and error-free way. The sender or transmitter comprises an encoding module according to embodiments of the invention. In the first step S1 the given file F, which can be a data file or a data package, is read in and split into at least two blocks comprising of a number of symbols. The blocks can be equally of unequally sized. The number of blocks depends on the file size, the length of a block and/or the level of protection against transmission errors and/or against tampering.

(11) With a larger number of blocks a more secure transmission can be achieved. A block of a file typically comprises symbols which can be lost on the receiver side due to transmission losses or errors. Therefore, a forward error correction code, such as a fountain code, can be used in the following to protect the content against transmission losses or errors.

(12) In the next step S2 of the computer-implemented method the first block is encrypted using a given encryption key with a symmetric or asymmetric encryption algorithm resulting in an encrypted first block.

(13) Optionally, the symbols of the first encrypted block can be shuffled before encoding, providing a stronger protection. The shuffling scheme can be parametrized by the encryption key.

(14) In the next step S3 the encrypted first block is two times forward error correction encoded using a first and second forward error correction code of the first block. The first and second forward error correction code of the first block can be based on the same or different codes. In other words, a forward error correction is performed twice for the encrypted first block.

(15) This step results in a first and second encoded chunk of the first encrypted block. The first and second encoded chunk may comprise extra symbols of the first block according to the used forward error correction code to enable reconstruction of the first block on a receiver side. The first encoded chunk of the first encrypted block is outputted while the second encoded chunk of the first encrypted block is further processed. The first and second encoded chunk of the first encrypted block may comprise information to enable recovering the information content of the first block on the receiver side.

(16) In the next step S4 each subsequent block is encrypted resulting in an encrypted subsequent block. The encryption is based on performing an algebraic operation, such as an exclusive-or-operation, on the subsequent block and the second encoded chunk of the previously performed block. In case of the second block, the encryption is performed using the second encoded chunk of the first block, resulting in an encrypted second block.

(17) In the next step S5 the encrypted block of the respective processed subsequent block, is encoded twice using a first and second forward error correction code for the respective block. The second forward error correction code is performed based on a set of indices provided by a given cryptographic indexing function. The cryptographic indexing function generates indices and can also be parametrized by a respective number of a block. Furthermore, for different block sizes, the indexing function can be adapted to the block size. Different cryptographic indexing functions can be used by the according forward error correction codes for different blocks. The cryptographic indexing function can provide a set of indices in a random order.

(18) The output of this step S5 is a first and second encoded chunk of the respective encrypted block. The first chunk is outputted, while the second chunk is processed if blocks of the original file F remain unprocessed. This step and the previous step are performed for all blocks except the first block of the file.

(19) The first encoded chunks of the respective encrypted blocks are outputted and transmitted to a receiver, step S6. The transmission can for example be via a data diode and/or between low power and low memory devices, such as IoT-devices.

(20) The receiver comprises a decoding module according to some embodiments of the invention. The first encoded chunks are received by the receiver and provided as input for the decoding module in step S7 in order to recover the original source information of the file F.

(21) In the next step S8, the first of the first encoded chunks is decoded using a forward correction decoder and decrypted afterwards using a given decryption key. The first of the first encoded chunks is related to the first block of the original file. For decoding a forward error correction decoder is used which is in accordance with the first forward error correction code used for the first block. The decryption key may be associated with the encryption key depending on the encryption method. The information on the forward error correction codes and respective decoders and/or on the encryption method may be provided, configured and/or known at the receiver side.

(22) In the next step S9 each of the subsequent first chunks of the respective subsequent blocks is decoded using a forward error correction decoder corresponding to the first forward error correction code used for encoding.

(23) Afterwards, in the next step S10, the decoded chunks are decrypted using an algebraic operation, which may be the same as used for the encryption. The algebraic operation is performed on the respective decoded chunk and the second encoded chunk of the previously processed block. Therefore, the decrypted and decoded chunk of the previously processed block is encoded once more using a forward error correction code, wherein a cryptographic indexing function, which is parametrized by the decryption key, provides a set of indices used by the forward error correction code to produce the second encoded chunk of the previously processed chunk. The forward-error correction code and cryptographic indexing function may correspond to the respective encoding scheme. This resulting encoded second chunk of the previously processed block is then used for decrypting the decoded chunk.

(24) The output of the decoding and decryption of all encoded first chunks are decrypted and encoded chunks which can be combined to represent the transmitted version of the original file F, step S11. Due to e.g. additional error-correction symbols of the processed chunks, the file F can be reconstructed without losses.

(25) In both the transmitter and receiver only a single call to an expensive encryption and decryption function, respectively, is performed. Furthermore, this scheme can easily be used to stream information with either fixed or variable block sizes, wherein recipients need to receive the transmission from the beginning to be able to decode the stream. Alternatively, the described scheme can be applied itself to sets of blocks, such that the receiver can join the reception at the transition from a block-set to a new block-set.

(26) FIG. 2 shows a schematic diagram of a computer-implemented method according to embodiments of the invention. The file F is split into several blocks C1, C2, . . . , Ci, . . . Cn. The first block C1 is encrypted using an encryption method E and a given encryption key K resulting in an encrypted first block C1*. Afterwards the encrypted first block C1* is encoded twice using a first and second forward error correction code FEC11, FEC12 resulting in a first and second encoded chunk C11′, C12′ of the first encrypted block C1*. The first encoded chunk C11′ is calculated by using the first forward error correction code FEC1 and a known set of indices. The second encoded chunk C12′ is calculated by using the second forward error correction code FEC12 and a respective indexing function Fi1 which can be parametrized by the encryption key K. The first encoded chunk C11′ of the first encrypted block C1* is outputted. The second encoded chunk C12′ of the first encrypted block C1* is further processed.

(27) In this shown case the first forward error correction codes FEC11, FEC21, FECi1 for each block use given or known indices. Alternatively (not shown), the first forward error correction codes can also use indices provided by an index-generating function. For example, an index-generating function can be provided generating a list of indices which can be transferred to the first and second forward error correction codes of the respective blocks. In this case the first set of indices of the list of indices can be used by the first forward error correction code, the following set of indices by the next and so on.

(28) The second block C2 of the original file F is encrypted by performing an exclusive-or-operation XOR with the second encoded chunk C12′ of the first encrypted block C1* resulting in the second encrypted block C2*. The second encrypted block C2* is encoded twice using a first and second error correction code FEC12, FEC22 for the second block C2 resulting in a first and second encoded chunk C21′ and C22′. The second forward error correction code particularly uses a set of indices provided by a cryptographic indexing function Fi2. The first encoded chunk C21′ of the second encrypted block C2* is outputted. The second encoded chunk C22′ of the second encrypted block C2* is further processed.

(29) For each of the subsequent blocks, i.e. the third to the n-th block, Ci, . . . , Cn, the encrypting and encoding of these blocks Ci, . . . , Cn is analogous to the encrypting and encoding of the second block C2. Hence, encryption and encoding of all subsequent blocks is performed iteratively until all blocks of the original file F are processed.

(30) Finally, each first encoded chunk C11′, C21′, . . . , Ci1′, Cn1′ of each respective block C1, C2, . . . , Ci, . . . , Cn is outputted.

(31) FIG. 3 shows the decoding an decrypting on a receiver side. The first encoded chunks C11′, C21′, Ci1′, . . . , Cn1′ can be transmitted to a receiver comprising a decoding module.

(32) The first of the first chunks C11′ corresponds to the first block C1 of the original file. The first of the first chunks C11′ is decoded using a forward error correction decoder DEC1 which corresponds to the first forward error correction code used for encoding of the first block C1. The decoding results in a decoded but still cryptographically encrypted first chunk C11*. The encrypted first chunk C11* is decrypted using an appropriate decrypting algorithm DE and decryption key K′ resulting in the decrypted and decoded first chunk C11 which may comprise equivalent information as the first block C1, i.e. all symbols of the first block C1 can be recovered.

(33) The decoding and decryption for all subsequent first encoded chunks C21′, . . . , Ci2′, . . . , Cn2′ is performed as follows. The respective encoded chunks C21*, . . . , Ci2′, . . . , Cn2′ are decoded using an appropriate forward error correction decoder DEC2, . . . , DECi, . . . , DECn, respectively, which corresponds to the respective first forward error correction code for each respective block used for encoding of the respective block, resulting in decoded first chunks C21*, . . . , Ci1*, . . . , Cn1* which are still cryptographically encrypted. The encryption thereof is performed based on an algebraic operation, corresponding to the one used for encryption, performed using the second encoded chunk of the respective previously processed block, which was encoded using a forward error correction code FEC2, FEC22. The respective forward error correction code FEC2, FEC22 uses a set of indices provided by a cryptographic indexing function parametrized by the decryption key K′. The used forward error correction code FEC2, FEC22 may correspond to the respective codes used for encryption at the transmitter side.

(34) The decoded and decrypted first chunks C12, C1i, . . . are outputted comprising information corresponding to the blocks C2, Ci, . . . of the original file F.

(35) FIG. 4 shows a schematic block diagram of a transmitter 100 according to embodiments of the invention. A transmitter 100 can for example be a low power device configured to send encrypted and forward error correction encoded data to a receiver via a communication link C. The transmitter 100 comprises an input module 101, a splitting module 102, an encoding module 103, an output module 104. The transmitter 100 can further comprise at least one processor and/or a memory (not shown). It is configured to perform steps of the computer-implemented method according to embodiments of the invention.

(36) FIG. 5 shows schematic block diagram of a receiver 200 according to embodiments of the invention. The receiver 200 comprises a receiving module 201, a decoding module 202, and an output module 203. The receiver 200 can further comprise at least one processor and/or a memory. The receiver can be a low power device receiving forward error correction encoded and encrypted data via a communication link C.

(37) FIG. 6 shows a system 300 of a transmitter 100 and a receiver 200 according to embodiments of the invention. The transmitter 100 and the receiver 200 can be coupled to exchange data via a communication network NW. The transmitter 100 and/or the receiver 200 can be an IoT-device. The transmitter 100, comprising modules as shown in FIG. 4, is configured to provide first encoded chunks for each block of a file. The first encoded chunks are encrypted and forward error correction encoded enabling a secure transmission of the file content. The receiver 200, comprising of modules as shown in FIG. 5, is configured to decrypt and decode the received first encoded chunks. After decryption and decoding the original file content can be reconstructed from the decrypted and decoded chunks.

(38) Although the present invention has been disclosed in the form of preferred embodiments and variations thereon, it will be understood that numerous additional modifications and variations could be made thereto without departing from the scope of the invention.

(39) For the sake of clarity, it is to be understood that the use of “a” or “an” throughout this application does not exclude a plurality, and “comprising” does not exclude other steps or elements.

Computer-implemented method for error-correction-encoding and encrypting of a file

Assignee

Inventors

Cpc classification

Classification Explorer

H03M13/114

ELECTRICITY

Classification Explorer

G06F2221/2107

PHYSICS

Classification Explorer

H03M13/453

ELECTRICITY

Classification Explorer

H04L9/0637

ELECTRICITY

Classification Explorer

G06F21/6209

PHYSICS

Classification Explorer

H04L2209/34

ELECTRICITY

Classification Explorer

H03M13/6508

ELECTRICITY

Classification Explorer

H04L2209/30

ELECTRICITY

Classification Explorer

G06F21/602

PHYSICS

International classification

Classification Explorer

H03M13/00

ELECTRICITY

Classification Explorer

H03M13/11

ELECTRICITY

Classification Explorer

G06F21/62

PHYSICS

Classification Explorer

H03M13/45

ELECTRICITY

Classification Explorer

G06F21/60

PHYSICS

Abstract

Claims

Description