CN105681033A

CN105681033A - Out-of-order encryption device for multivariable quadratic equation

Info

Publication number: CN105681033A
Application number: CN201610053768.4A
Authority: CN
Inventors: 李伟键
Original assignee: Guangdong Polytechnic Normal University
Current assignee: Guangdong Polytechnic Normal University
Priority date: 2016-01-26
Filing date: 2016-01-26
Publication date: 2016-06-15
Anticipated expiration: 2036-01-26
Also published as: CN105681033B

Abstract

The invention discloses an out-of-order encryption device for a multivariable quadratic equation. The out-of-order encryption device comprises a monomial subscript generator, used for generating n(n+1)/2 monomial subscripts (i, j) out of order when computing each multivariable quadratic equation, wherein the i is greater than or equal to 1, the j is greater than or equal to i, and the n is greater than or equal to j; a monomial multiplying unit, used for sequentially computing n monomials aijxixj of the multivariable quadratic equations according to the generation sequence of the monomial subscripts (i, j), wherein aij is plaintext, and xi is a secret key, or aij is the secrete key, and xi is the plaintext; and an accumulator, used for sequentially accumulating the n monomials aijxixj and then writing into a register to obtain ciphertext. By using the out-of-order encryption device provided by the invention, the security of the secret key can be effectively improved, and the side channel attack can be resisted.

Description

An out-of-order encryption device for multi-variable quadratic equations

技术领域technical field

本发明涉及信息安全技术领域，尤其涉及一种多变量二次方程的乱序加密装置。The invention relates to the technical field of information security, in particular to an out-of-order encryption device for multivariable quadratic equations.

背景技术Background technique

MQ问题(MQproblem)是指在一个有限域上求解一组多变量二次方程的问题，一般来说该问题是NP困难的。MQ问题在密码学上是一个非常有研究前景的难题，大量的密码算法基于MQ问题被设计出来，主要包括多变量公钥密码算法(MPKC)、流密码算法QUAD和身份认证算法等。其中，多变量二次方程可以表示如下：The MQ problem (MQproblem) refers to the problem of solving a set of multivariable quadratic equations on a finite field. Generally speaking, the problem is NP difficult. The MQ problem is a very promising research problem in cryptography. A large number of cryptographic algorithms have been designed based on the MQ problem, including multivariate public key cryptography (MPKC), stream cipher algorithm QUAD, and identity authentication algorithms. Among them, the multivariate quadratic equation can be expressed as follows:

Q(x)＝∑_{1≤i≤j≤n}α_ijx_ix_j+∑_1≤i≤nβ_ijx_i+γQ(x)＝∑ _{1≤i≤j≤n} α _ij x _i x _j +∑ _1≤i≤n β _ij x _i +γ

侧信道攻击(sidechannelattack简称SCA)，又称旁路攻击，是一种针对加密电子设备在运行过程中的时间消耗、功率消耗或电磁辐射之类的侧信道信息泄露而对加密设备进行攻击的方法。这种攻击方法给密码设备带来了严重的威胁。Side channel attack (side channel attack referred to as SCA), also known as side channel attack, is a method of attacking encryption equipment for side channel information leakage such as time consumption, power consumption or electromagnetic radiation during the operation of encryption electronic equipment. . This attack method brings serious threats to cryptographic devices.

但是，现有技术均未考虑多变量二次方程的侧信道泄露问题。加密时，直接按照相同顺序对多个多变量二次方程中的每一个单项式进行计算，再把每个单项式的计算结果累加后暂存于寄存器中。攻击者通过对每个多变量二次方程相应寄存器存储操作的功耗进行分析，即可获得密钥或明文信息(a_ij或者x_j的信息)，进而攻破密码算法。However, none of the prior art considers the side-channel leakage problem of multivariable quadratic equations. When encrypting, each monomial in multiple multivariate quadratic equations is directly calculated in the same order, and then the calculation results of each monomial are accumulated and temporarily stored in the register. By analyzing the power consumption of the corresponding register storage operation of each multivariate quadratic equation, the attacker can obtain the key or plaintext information (a _ij or x _j information), and then break the cryptographic algorithm.

发明内容Contents of the invention

本发明实施例提出一种多变量二次方程的乱序加密装置，能够有效提高密钥的安全性，抵御侧行道攻击。The embodiment of the present invention proposes a multi-variable quadratic equation out-of-sequence encryption device, which can effectively improve the security of keys and resist sidewalk attacks.

本发明实施例提供一种多变量二次方程的乱序加密装置，包括：An embodiment of the present invention provides an out-of-order encryption device for multivariable quadratic equations, including:

单项式下标生成器，用于在计算每个多变量二次方程时，乱序生成n(n+1)/2个单项式下标值(i,j)；1≤i≤j≤n；A monomial subscript generator, used to generate n(n+1)/2 monomial subscript values (i,j) out of order when calculating each multivariate quadratic equation; 1≤i≤j≤n;

单项式乘法器，用于按照单项式下标值(i,j)生成的顺序，依次计算所述多变量二次方程的n个单项式α_ijx_ix_j；其中，α_ij为明文，x_i为密钥，或者，α_ij为密钥，x_i为明文；以及，A monomial multiplier, used to sequentially calculate n monomials α _ij x _i x _j of the multivariate quadratic equation in the order in which the monomial subscript values (i, j) are generated; wherein, α _ij is plaintext, and x _i is key, or, α _ij is the key, _xi is the plaintext; and,

累加器，用于将所述n个单项式α_ijx_ix_j依次累加后写入到寄存器中，获得密文。The accumulator is used for accumulating the n monomials α _ij x _i x _j in sequence and writing them into the register to obtain the ciphertext.

进一步地，所述单项式下标生成器采用乱序生成方法生成单项式下标；所述乱序生成方法具体包括：Further, the monomial subscript generator uses an out-of-order generation method to generate a monomial subscript; the out-of-order generation method specifically includes:

S11、在计算每个多变量二次方程时，随机生成单项式下标初始值i＝i_s,j＝j_s；1≤i_s≤j_s≤n；S11. When calculating each multivariate quadratic equation, randomly generate the monomial subscript initial value i=i _s , j=j _s ; 1≤i _s ≤j _s ≤n;

S12、判断j是否为n，若是，则执行步骤S13，若否，则执行步骤S14；S12, judging whether j is n, if so, then execute step S13, if not, then execute step S14;

S13、判断i是否为n，若是，则执行步骤S15，若否，则执行步骤S16；S13, judging whether i is n, if so, then execute step S15, if not, then execute step S16;

S14、将j赋值为j+1，并继续执行步骤S17；S14. Assign j as j+1, and continue to execute step S17;

S15、将i和j均赋值为1，并继续执行步骤S17；S15. Assign i and j as 1, and continue to execute step S17;

S16、将i赋值为i+1，将j赋值为i+1，并继续执行步骤S17；S16. Assign i as i+1, assign j as i+1, and continue to execute step S17;

S17、判断i是否为i_s，且j是否为j_s-1，若是，则所述多变量二次方程中单项式下标值生成完毕，若否，则继续执行步骤S12。S17. Judging whether i is i _s and j is j _s -1, if yes, then the monomial subscript value in the multivariate quadratic equation is generated, if not, continue to step S12.

进一步地，所述累加器具体用于按照单项式α_ijx_ix_j的计算顺序，依次将每个单项式α_ijx_ix_j累加到寄存器中，所述寄存器中累加后的值即为密文。Further, the accumulator is specifically used to sequentially accumulate each monomial α _ij x _i x _j into the register according to the calculation sequence of the monomial α _ij x _i x _j , and the accumulated value in the register is the ciphertext .

进一步地，所述每个多变量二次方程相应的密文为 $Q (x) = Σ_{j_{s} \leq j \leq n} α_{i_{s} j} x_{i_{s}} x_{j} + Σ_{i_{s} < i \leq j \leq n} α_{i j} x_{i} x_{j} + Σ_{\begin{matrix} 1 \leq i \leq i_{s}, \\ i \leq j \leq n \end{matrix}} α_{i j} x_{i} x_{j} + Σ_{i_{s} \leq j < j_{s}} α_{i_{s} j} x_{i_{s}} x_{j} .$ Further, the ciphertext corresponding to each multivariate quadratic equation is $Q (x) = Σ_{j_{the s} \leq j \leq no} α_{i_{the s} j} x_{i_{the s}} x_{j} + Σ_{i_{the s} < i \leq j \leq no} α_{i j} x_{i} x_{j} + Σ_{\begin{matrix} 1 \leq i \leq i_{the s}, \\ i \leq j \leq no \end{matrix}} α_{i j} x_{i} x_{j} + Σ_{i_{the s} \leq j < j_{the s}} α_{i_{the s} j} x_{i_{the s}} x_{j} .$

实施本发明实施例，具有如下有益效果：Implementing the embodiment of the present invention has the following beneficial effects:

本发明实施例提供的多变量二次方程的乱序加密装置，能够在计算每个多变量二次方程时，采用乱序生成单项式下标值的方式来生成n(n+1)/2个单项式下标值(i,j)，并按照单项式下标值(i,j)的生成顺序，依次计算n(n+1)/2个单项式α_ijx_ix_j，使不同多变量二次方程中单项式的计算顺序各不相同，最后，将多变量二次方程中每个单项式累加到寄存器中，实现对密钥的加密，通过打乱各个单项式的计算顺序，使相同的密钥信息在不同时刻出现，从而抵御侧行道攻击，有效提高密钥的安全性。The out-of-order encryption device for multivariate quadratic equations provided by the embodiments of the present invention can generate n(n+1)/2 subscript values in a way of out-of-order generation of monomial subscript values when calculating each multivariate quadratic equation The monomial subscript value (i, j), and according to the generation sequence of the monomial subscript value (i, j), calculate n(n+1)/2 monomial formulas α _ij x _i x _j sequentially, so that different multivariate quadratic The calculation order of the monomials in the equation is different. Finally, each monomial in the multivariable quadratic equation is accumulated in the register to realize the encryption of the key. By disrupting the calculation order of each monomial, the same key information can be used in the appear at different times, thereby resisting sidewalk attacks and effectively improving the security of the key.

附图说明Description of drawings

图1是本发明提供的多变量二次方程的乱序加密装置的第一个实施例的结构示意图；Fig. 1 is the structure schematic diagram of the first embodiment of the out-of-order encryption device of multivariable quadratic equation provided by the present invention;

图2是本发明提供的多变量二次方程的乱序加密装置中乱序生成方法的一个实施例的流程示意图；Fig. 2 is a schematic flow chart of an embodiment of a random order generation method in a multivariable quadratic equation random order encryption device provided by the present invention;

图3是本发明提供的多变量二次方程的乱序加密装置的第二个实施例的结构示意图。Fig. 3 is a structural schematic diagram of a second embodiment of the out-of-order encryption device for multivariable quadratic equations provided by the present invention.

具体实施方式detailed description

下面将结合本发明实施例中的附图，对本发明实施例中的技术方案进行清楚、完整地描述，显然，所描述的实施例仅仅是本发明一部分实施例，而不是全部的实施例。基于本发明中的实施例，本领域普通技术人员在没有作出创造性劳动前提下所获得的所有其他实施例，都属于本发明保护的范围。The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

参见图1，是本发明提供的多变量二次方程的乱序加密装置的一个实施例的结构示意图，包括：Referring to Fig. 1, it is a schematic structural diagram of an embodiment of an out-of-order encryption device for multivariate quadratic equations provided by the present invention, including:

单项式下标生成器1，用于在计算每个多变量二次方程时，乱序生成n(n+1)/2个单项式下标值(i,j)；1≤i≤j≤n；Monomial subscript generator 1, used to generate n(n+1)/2 monomial subscript values (i, j) out of order when calculating each multivariate quadratic equation; 1≤i≤j≤n;

单项式乘法器2，用于按照单项式下标值(i,j)生成的顺序，依次计算所述多变量二次方程的n个单项式α_ijx_ix_j；其中，α_ij为明文，x_i为密钥，或者，α_ij为密钥，x_i为明文；以及，Monomial multiplier 2, used to sequentially calculate n monomials α _ij x _i x _j of the multivariate quadratic equation in the order in which the monomial subscript values (i, j) are generated; wherein, α _ij is plaintext, x _i is the key, or, α _ij is the key, and _xi is the plaintext; and,

累加器3，用于将所述n个单项式α_ijx_ix_j依次累加后写入到寄存器中，获得密文。The accumulator 3 is used for sequentially accumulating the n monomials α _ij x _i x _j and writing them into registers to obtain ciphertext.

需要说明的是，在有限域上计算具有r个方程的多变量二次方程组 $\{\begin{matrix} Q_{1} (x) = Σ_{1 \leq i \leq j \leq n} α_{i j}^{1} x_{i} x_{j} + γ^{1} \\ ... ... \\ Q_{r} (x) = Σ_{1 \leq i \leq j \leq n} α_{i j}^{r} x_{i} x_{j} + γ^{r} \end{matrix}$ 来实现对密钥、明文的加密。其中，若α_ij为明文，则x_i为密钥；若α_ij为密钥，则x_i为明文。在本实施例中，在计算多变量二次方程组中的每个多变量二次方程时，随机打乱每个多变量二次方程中的各个单项式α_ijx_ix_j的计算顺序，使不同多变量二次方程中的单项式α_ijx_ix_j的计算顺序各不相同。It should be noted that computing a multivariate quadratic system with r equations over a finite field $\{\begin{matrix} Q_{1} (x) = Σ_{1 \leq i \leq j \leq no} α_{i j}^{1} x_{i} x_{j} + γ^{1} \\ ... ... \\ Q_{r} (x) = Σ_{1 \leq i \leq j \leq no} α_{i j}^{r} x_{i} x_{j} + γ^{r} \end{matrix}$ To realize the encryption of the key and plaintext. Wherein, if α _ij is the plaintext, then _xi is the key; if α _ij is the key, then _xi is the plaintext. In this embodiment, when calculating each multivariate quadratic equation in the multivariate quadratic equation system, the calculation order of each monomial α _ij x _i x _j in each multivariate quadratic equation is randomly disrupted, so that The order of computation of the monomial α _ij x _i x _j in different multivariate quadratic equations varies.

在分别计算每个多变量二次方程时，单项式下标生成器1乱序生成n(n+1)/2个单项式下标值(i,j)，即将多变量二次方程的单项式下标值重新进行排序，使每个多变量二次方程的单项式下标值的顺序各不相同。其中，n(n+1)/2个单项式下标值(i,j)涵盖多变量二次方程中的所有单项式下标值。单项式乘法器2按照每个多变量二次方程各自的单项式下标值生成顺序，计算各个单项式α_ijx_ix_j。累加器3在单项式乘法器2每计算一个单项式时，将该单项式累加到寄存器中，在累加完所有单项式后，即可获得该多变量二次方程相应的密文。多变量二次方程组中的r个方程的计算结果分别相应写入到r个寄存器中。When calculating each multivariate quadratic equation separately, the monomial subscript generator 1 randomly generates n(n+1)/2 monomial subscript values (i, j), that is, the monomial subscript of the multivariate quadratic equation The values are reordered so that the order of the monomial subscript values differs for each multivariate quadratic equation. Among them, n(n+1)/2 monomial subscript values (i, j) cover all monomial subscript values in the multivariate quadratic equation. The monomial multiplier 2 calculates each monomial α _ij x _i x _j in accordance with the generation order of the respective monomial subscript values of each multivariate quadratic equation. When the monomial multiplier 2 calculates a monomial, the accumulator 3 accumulates the monomial into the register, and after accumulating all the monomials, the ciphertext corresponding to the multivariate quadratic equation can be obtained. The calculation results of the r equations in the multivariate quadratic equation group are correspondingly written into the r registers respectively.

每个多变量二次方程中具有n(n+1)/2项单项式，单项式计算顺序打乱后，攻击者若想通过对r个寄存器的功耗分析来获取密钥或明文信息，则需要考虑A(n(n+1)/2,n(n+1)/2)＝(n(n+1)/2)！种可能性来进行分析，从而难以实现对侧信道的攻击。There are n(n+1)/2 monomials in each multivariate quadratic equation. After the calculation order of the monomials is disrupted, if an attacker wants to obtain the key or plaintext information by analyzing the power consumption of r registers, he needs Consider A(n(n+1)/2,n(n+1)/2)=(n(n+1)/2)! As a result, it is difficult to realize the attack on the side channel.

需要说明的是，本发明实施例提供的多变量二次方程的乱序加密方法一般应用在智能卡中，密钥通过多变量二次方程的算法进行加密后存储到智能卡的存储器中。其中，每个多变量二次方程中各个单项式计算顺序均不相同，累加到存储器中的顺序也不相同，从而防止攻击者通过对存储器进行功耗分析而获取密钥信息。It should be noted that the multivariable quadratic equation out-of-sequence encryption method provided by the embodiment of the present invention is generally applied in a smart card, and the key is encrypted by the algorithm of the multivariable quadratic equation and then stored in the memory of the smart card. Wherein, the calculation order of each monomial in each multivariable quadratic equation is different, and the order of accumulating into the memory is also different, so as to prevent an attacker from obtaining key information by analyzing the power consumption of the memory.

进一步地，所述单项式下标生成器1采用乱序生成方法生成单项式下标。如图2所示，所述乱序生成方法具体包括：Further, the monomial subscript generator 1 generates a monomial subscript using an out-of-order generation method. As shown in Figure 2, the out-of-order generation method specifically includes:

需要说明的是，将每个多变量二次方程中的各个单项式完全打乱来抗侧信道攻击的效果最佳。同时，为了减少计算时间和存储开销，避免耗费大量的资源，采用仅打乱每个多变量二次方程中的初始计算顺序，使每个多变量二次方程从不同的初始单项式开始计算，之后仍按顺序计算即可。例如，单项式下标生成器1给第一个多变量二次方程随机生成单项式初始下标值(2,3)，则第一个多变量二次方程从单项式α₂x₃₂x₃开始按顺序计算到单项式α_nx_nnx_n，接着再从单项式α₁x₁₁x₁计算到单项式α₂x₂₂x₂；给第二个多变量二次方程随机生成单项式初始下标值(6,9)，则第一个多变量二次方程从单项式α₆₉x₆x₉开始按顺序计算到单项式α_nx_nnx_n，接着再从单项式α₁x₁₁x₁计算到单项式α₆₈x₆x₈等。这种乱序生成方法使得密钥、明文的在不同多变量二次方程中的相同操作隐藏在不同的时钟周期内，无法通过存储器的功耗曲线特征而观察得到，而且简单高效，有利于软硬件高效实现。It should be noted that the effect of resisting side-channel attacks is best by completely disrupting each monomial in each multivariate quadratic equation. At the same time, in order to reduce calculation time and storage overhead and avoid consuming a large amount of resources, only the initial calculation order in each multivariate quadratic equation is disrupted, so that each multivariate quadratic equation is calculated from a different initial monomial, and then It can still be calculated in order. For example, the monomial subscript generator 1 randomly generates the monomial initial subscript value (2,3) for the first multivariate quadratic equation, then the first multivariate quadratic equation starts from the monomial α ₂ x ₃₂ x ₃ in order Calculate to the monomial α _n x _nn x _n , then calculate from the monomial α ₁ x ₁₁ x ₁ to the monomial α ₂ x ₂₂ x ₂ ; randomly generate the initial subscript value of the monomial for the second multivariate quadratic equation (6,9 ), then the first multivariate quadratic equation is calculated sequentially from the monomial α ₆₉ x ₆ x ₉ to the monomial α _n x _nn x _n , and then from the monomial α ₁ x ₁₁ x ₁ to the monomial α ₆₈ x ₆ x ₈ etc. This out-of-order generation method makes the same operation of the key and plaintext in different multivariate quadratic equations hidden in different clock cycles, which cannot be observed through the characteristics of the power consumption curve of the memory, and is simple and efficient, which is beneficial to software Hardware efficient implementation.

进一步地，所述累加器3具体用于按照单项式α_ijx_ix_j的计算顺序，依次将每个单项式α_ijx_ix_j累加到寄存器中，所述寄存器中累加后的值即为密文。Further, the accumulator 3 is specifically used to sequentially accumulate each monomial α _ij x _i x _j into the register according to the calculation order of the monomial α _ij x _i x _j , and the accumulated value in the register is the encrypted arts.

在计算每个多变量二次方程时，按照单项式α_ijx_ix_j的计算顺序，每计算一个单项式α_ijx_ix_j，则将该单项式累加到寄存器中。其中，不同的多变量二次方程中的单项式存储在不同的寄存器中。When calculating each multivariate quadratic equation, according to the calculation order of the monomial α _ij x _i x _j , each time a monomial α _ij x _i x _j is calculated, the monomial is accumulated into the register. Wherein, monomials in different multivariable quadratic equations are stored in different registers.

其中，每个多变量二次方程随机生成不同的单项式下标初始值(i_s，j_s)，然后各自按照上述公式进行计算，获得密文。Among them, each multivariate quadratic equation randomly generates different monomial subscript initial values (i _s , j _s ), and then each calculates according to the above formula to obtain the ciphertext.

参见图3，是本发明提供的多变量二次方程的乱序加密装置的第二个实施例的结构示意图，包括乱序下标控制器31、多项式变量寄存器32、乘法器33、乘法器34、加法器35、寄存器36和判断器37。其中，多项式变量寄存器32中存储的值可以为密钥，也可以为明文。本发明实施例提供的多变量二次方程的加密装置用于实现多变量二次方程组的加密，其中，多变量二次方程组具有r个多变量二次方程。在计算每个多变量二次方程时，乱序下标控制器31随机生成单项式下标值i和j，其中，随机生成的初始的单项式下标值为i_s和j_s。多项式变量寄存器32根据乱序下标控制器31生成的单项式下标值，输出变量x_i和x_j。乘法器33接收变量x_i和x_j并将其相乘后输出，乘法器34将乘法器33输出的值与系数α_ij相乘后输出，获得单项式，再将单项式通过加法器35累加到寄存器36中。判断器37在寄存器36中累加了下标为(i，j)的单项式后判断该单项式的下标是否(i_s,j_s-1)，若否，则判定为0，将寄存器36中的值与下一个单项式累加后写入到寄存器36中；若否，则判定为1，输出寄存器36中的值，即为密文。Referring to FIG. 3 , it is a schematic structural diagram of a second embodiment of the out-of-order encryption device for multivariable quadratic equations provided by the present invention, including out-of-order subscript controller 31, polynomial variable register 32, multiplier 33, and multiplier 34 , adder 35, register 36 and judger 37. Wherein, the value stored in the polynomial variable register 32 may be a key or plain text. The device for encrypting multivariate quadratic equations provided by the embodiment of the present invention is used to implement encryption of multivariate quadratic equations, wherein the multivariate quadratic equations have r multivariate quadratic equations. When calculating each multivariate quadratic equation, the out-of-sequence subscript controller 31 randomly generates monomial subscript values i and j, wherein the randomly generated initial monomial subscript values are i _s and j _s . The polynomial variable register 32 outputs variables x _i and x _j according to the monomial index values generated by the out-of-sequence index controller 31 . The multiplier 33 receives the variables x _i and x _j and multiplies them to output, and the multiplier 34 multiplies the value output by the multiplier 33 with the coefficient α _ij and outputs it to obtain the monomial, and then the monomial is accumulated to the register by the adder 35 36 in. Determiner 37 judges whether the subscript of this monomial is (i _s , j _s -1) after accumulating subscript is (i, j) monomial in register 36, if not, then judges as 0, and will be in register 36 The value and the next monomial are accumulated and written into the register 36; if not, the judgment is 1, and the value in the output register 36 is the ciphertext.

以上所述是本发明的优选实施方式，应当指出，对于本技术领域的普通技术人员来说，在不脱离本发明原理的前提下，还可以做出若干改进和润饰，这些改进和润饰也视为本发明的保护范围。The above description is a preferred embodiment of the present invention, and it should be pointed out that for those skilled in the art, without departing from the principle of the present invention, some improvements and modifications can also be made, and these improvements and modifications are also considered Be the protection scope of the present invention.

Claims

1. the random sequence encryption device of a multivariate quadratic equation, it is characterised in that, comprising:

Monomial subscript maker, for when calculating each multivariate quadratic equation, random sequence generates n (n+1)/2 monomial subscript value (i, j); 1≤i≤j≤n;

Monomial multiplier, for the order generated according to monomial subscript value (i, j), calculates n monomial α of described multivariate quadratic equation successively_ijx_ix_j; Wherein, α_ijFor plaintext, x_iFor key, or, α_ijFor key, x_iFor expressly; And,

Totalizer, for by described n monomial α_ijx_ix_jIt is written in register after adding up successively, obtains ciphertext.

2. the random sequence encryption device of multivariate quadratic equation as claimed in claim 1, it is characterised in that, described monomial subscript maker adopts random sequence generation method to generate monomial subscript; Described random sequence generation method specifically comprises:

S11, calculate each multivariate quadratic equation time, stochastic generation monomial subscript initial value i=i_s, j=j_s; 1≤i_s≤j_s≤ n;

S12, whether be n, if then performing step S13, if not, then perform step S14 if judging j;

S13, whether be n, if then performing step S15, if not, then perform step S16 if judging i;

S14, it is j+1 by j assignment, and continues to perform step S17;

S15, it is 1 by equal for i and j assignment, and continues to perform step S17;

S16, it is i+1 by i assignment, it is i+1 by j assignment, and continue to perform step S17;

Whether S17, to judge i be i_s, and whether j be j_s-1, if then in described multivariate quadratic equation, monomial subscript value generates complete, if not, then continue to perform step S12.

3. the random sequence encryption device of multivariate quadratic equation as claimed in claim 1, it is characterised in that, described totalizer is specifically for according to monomial α_ijx_ix_jCalculating order, successively by each monomial α_ijx_ix_jBeing added in register, the value after cumulative in described register is ciphertext.

4. the random sequence encryption device of multivariate quadratic equation as claimed in claim 2, it is characterised in that, the described corresponding ciphertext of each multivariate quadratic equation is

Q (x) = {Σ_{j}}_{s \leq j \leq n} α_{i_{s} j} x_{i_{s}} x_{j} + Σ_{i_{s} < i \leq j \leq n} α_{i j} x_{i} x_{j} + Σ_{\underset{i \leq j \leq n}{1 \leq i \leq i_{s},}} α_{i j} x_{i} x_{j} + Σ_{i_{s} \leq j < j_{s}} α_{i_{s} j} x_{i_{s}} x_{j} .