JP2002252610A - Encryption device and decryption device, and public key encryption system and public key decryption system - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a chaos encryption device that is high in cryptographic strength and capable of being installed in a cellular phone. SOLUTION: In a step 2 for a key initial conversion, a key K is divided of desired byte length, for an initial conversion key Kh to be generated. In a step 3 for digital chaos signal generation, the initial conversion key Kh is defined as an initial value of a chaos function, and a digital chaos signal C is generated. In a step 4 for chaos filtering, the chaos digital signal C in floating point type is converted into an integer, and then converted into a binary. A binary digital chaos signal D can be processed by Java for a small electronic unit. Since later cryptographic algorithm can be programmed by using Java, this device can be mounted on the cellular phone. Furthermore, a key series Kc is generated by processing the chaos signal D and the initial conversion key Kh. Since the key series is generated by using the chaos signal, the cryptographic strength is high, and a cryptographic rate is high.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to an encryption device for encrypting a communication message in communication such as the Internet, and a decryption device for decrypting a cipher text transmitted from the encryption device. The present invention relates to a chaos encryption / decryption device in which the encryption strength is improved and the speed of encryption / decryption is remarkably improved by converting a chaotic signal in a floating-point format into an integer.

[0002]

2. Description of the Related Art The Internet has developed into an open environment in which not only computers but also mobile phones and general home appliances can be connected. On the Internet, e-commerce and the like are rapidly developing. The information handled here is personal data, payment data, and the like, and high confidentiality is required. Therefore, in order to prevent data leakage and further protect communication users from information crimes such as so-called spoofing, various encryption methods have been put to practical use. Although the encryption system includes an encryption device and a decryption device, the decryption device can be realized with the same configuration as the encryption device.

[0003] Cryptographic systems are roughly classified into two types, ie, a common key cryptosystem and a public key cryptosystem, in relation to a key generation method. The common key cryptosystem is also called a symmetric cryptosystem, and uses the same key for encryption and decryption. On the other hand, the public key cryptosystem is also called an asymmetric cryptosystem, and uses different keys for encryption and decryption. Since the common key cryptosystem uses the same key for encryption / decryption, an individual key is required each time the data is encrypted and exchanged. Therefore, in the common key cryptosystem, key management becomes complicated. In addition, since the decryption can be performed with the encryption key, the key must be sent to the third party secretly to the third party, and attention must also be paid to how to send the key.

[0004] A public key cryptosystem is a system in which this drawback in the common key cryptosystem is improved. Public key cryptography is
This is a method of performing encryption and decryption using a unique algorithm, and enables encryption and decryption using different encryption keys and decryption keys. In this method, encryption / decryption can be performed without worrying about the drawbacks of the common key encryption method, that is, the complexity of key management and the difficulty of transmitting a key by reducing the possibility of leakage. it can. The public key cryptosystem can be said to be a system in which a special algorithm for generating a public key is added to the common key cryptosystem. This public key cryptosystem is very convenient as a cryptosystem,
It can be said that the encryption strength is high, but the encryption speed tends to be slow. For details, refer to the following reference [NK97].
Is described in

[0005] Further, the encryption method relates to a method of processing data to be encrypted, and is roughly classified into a block encryption method and a stream encryption method. The block encryption method is a method in which data to be encrypted is divided into arbitrary fixed lengths and processed. On the other hand, as described in "Encryption and Information Security", edited by Shigeo Tsujii and Masao Sasahara (Shokodo, 1990), the stream encryption method is 1 bit or 8 bit [1
Byte (= 1 character)]. In the block cipher method, plain text is divided into fixed lengths and processed. Therefore, it is easy to find a rule in encryption processing using an encryption algorithm or the like, and encryption strength is generally considered to be low.

[0006] On the other hand, in the stream cipher system, it is difficult to find a rule in the encryption process. However, in the stream encryption method, plaintext is encrypted with a pseudorandom number inside a cryptographic algorithm, so that the degree of difficulty in decrypting the pseudorandom number directly affects the encryption strength. If a stream cipher is configured using pseudo-random numbers that are cryptographically secure, a cryptosystem with high security strength can be constructed by the stream cipher.

However, all of the conventional pseudo-random numbers lack security, and the weak points of the stream encryption method have not been solved.
For this reason, many cryptosystems that employ block ciphers and add other technologies to the block ciphers have been developed to prevent the discovery of rules in the encryption process. Have been. The details are described in the following reference [NK97].

In the encryption system, it is important to balance the processing speed of data for encryption and decryption with the encryption strength. As a well-known encryption system, there is the DES (Data Encryption Standard) adopted by the US Bureau of Standards in 1977. This DES is a cryptographic system that has already been broken in its basic technology. At present, in order to increase the difficulty of decryption, 3DES has been developed in which the same encryption processing is repeated three times. As another encryption method, there is a chaos encryption method. For chaos, refer to the following references [AI90], [AI0
0]. Chaos is a Greek word meaning chaos, which can be called complexity under simple rules.
The chaos encryption method utilizes the following characteristics of chaos. Sensitive dependence on initi
al condition). One way. There is a strange attractor. A chaos encryption system that utilizes such characteristics of chaos is
It is said that the cryptographic processing speed is fast, it operates with a lightweight program, and the cryptographic strength is also high. In chaos encryption,
As a method of implementing a nonlinear chaotic signal in a cryptosystem (chaos coding method), a method used for an encryption function of a block cipher and a method used for generating a stream key are known.

[0009]

In the above-mentioned 3DES, the same processing is repeated, so that the encryption processing speed is sacrificed. In other words, at present, DES users can only choose to reduce the encryption processing speed in order to maintain a certain encryption strength. Also, in the conventional chaos encryption method,
Among the methods of implementing a nonlinear chaotic signal in a cryptographic system, the block cipher system has a simple mapping itself and is easy to implement. In this block cipher system, a cut map having a piecewise linearity and a tent map are used as they are. Therefore, even with the chaos encryption method, the cipher text is decrypted by the differential decomposition method in the block encryption method. On the other hand, among the chaotic cryptosystems, in a method of using a chaotic signal for generating a stream key, it is difficult to implement a non-linear chaotic signal in a cryptosystem, and few of them have been put to practical use. The nonlinear chaotic signal appears in a floating-point format, but cannot perform floating-point processing under some Java environments for small electronic devices such as mobile phones. The fact that a floating point processing method has not been established in the past has made it difficult to implement a nonlinear chaotic signal in a cryptosystem used in small electronic devices such as mobile phones.

In consideration of these points, the conventional encryption system generally has the following problems to be solved. (1) The processing speed and the encryption strength are fixed, and the processing speed and the encryption strength cannot be selected as required by the user. (2) In an environment where a mobile phone can be connected to the Internet, an encryption system with a higher encryption processing speed and a certain level of reliable encryption is required. Chaos encryption technology, which is said to be expensive, has not been compatible with small electronic devices such as mobile phones. (3) In general, a fixed-length key is employed, but a ciphertext encrypted with a fixed-length key is easier to decipher than a ciphertext encrypted with a variable-length key. (4) In the block cipher system, since encryption processing is performed for each fixed length, cipher text has periodicity. When a file in which a specific pattern such as image data appears is encrypted, the file is easily decrypted. Not suitable for (5) Since the basic algorithm of the cryptographic system cannot be easily updated, the same basic algorithm tends to be used for many years, and it becomes easy to be deciphered with the age of use.

Therefore, an object of the present invention is to select a processing speed and an encryption strength as required by a user,
Providing an encryption method that makes chaos encryption technology compatible with small electronic devices such as mobile phones, adopts variable-length keys, makes it difficult for cipher text such as images to have periodicity, and can easily update the basic algorithm It is in. Another object of the present invention is to provide a public key cryptosystem employing the cryptosystem.

[0012]

In order to solve the above-mentioned problems, the present invention provides the following means.

[1] Chaos generating means for generating a floating-point digital nonlinear chaotic signal based on a chaotic function initial value, a chaotic function parameter and a chaotic function associated with a common key, and converting the digital nonlinear chaotic signal into an integer format Integer converting means for converting and generating an integer digital non-linear chaotic signal;
Binary encoding means for converting into a value code to generate a binary encoded digital nonlinear chaotic signal, and exclusive OR of a first key sequence derived from the common key and the binary encoded digital chaotic signal Exclusive OR operation means for generating a second key sequence by operation, and encryption operation means for generating a ciphertext by operation processing of the input plaintext and the second key sequence. Encryption device.

[2] The encryption operation means comprises a primary encryption unit and a secondary encryption unit, and the primary encryption unit performs an exclusive logical operation between the plaintext and the second key sequence. A primary ciphertext is generated by a sum operation, and the secondary encryption unit generates a secondary ciphertext by an exclusive OR operation of the primary ciphertext and vector data. The encryption device according to [1].

[3] An internal vector generator is provided, and the internal vector generator includes the common key, the digital nonlinear chaotic signal, the integer digitized digital nonlinear chaotic signal, the binary coded digital nonlinear chaotic signal, the plaintext, The first
Secondary ciphertext or secondary ciphertext or other data,
Selecting at least one of input data input in the process of generating the ciphertext or internal data generated internally as internal unique data, and setting a part or all of the internal unique data as an initial value; Generating the vector data based on the initial value.
The encryption device according to [2].

[4] The internal vector generation unit generates the initial value by processing the internal unique data,
The data length of the initial value is different from the fixed data length of the internal unique data, and the vector data having the same data length as the primary cipher text is generated based on the initial value [ The encryption device according to [3].

[5] The integer conversion means converts the floating-point digital non-linear chaotic signal output from the chaos generation means into a character string, and converts the character string into integer-format data, thereby converting the integer into data. The cryptographic apparatus according to any one of [1] to [4], wherein the cryptographic apparatus generates a generalized digital nonlinear chaotic signal.

[6] A decryption device for decrypting a ciphertext generated by the encryption device according to any one of [1] to [5] has the same configuration as the encryption device according to [1] to [5]. Yes, inputting the ciphertext in place of the plaintext, and decrypting the input ciphertext with the same common key as the common key used in the encryption device according to [1] to [5]. A decoding device characterized by the following.

[7] A common key generation means for generating a common key from a sender's private key and a recipient's public key, a session key generation means for generating a session key, a first encryption means, and a second encryption means Wherein the first encrypting means generates a cipher text by encrypting a plaintext with the session key, and the second encrypting means encrypts the session key with the common key. In a public key cryptosystem for generating an encryption key by encrypting, the first and second encryption means are the encryption devices according to the above [1] to [5]. method.

[8] A public key decryption method for decrypting a ciphertext generated by the public key encryption method according to [7] has the same configuration as the public key encryption method according to [7]. The common key generation means generates a decryption common key from the sender's public key and the receiver's private key, and the second encryption means inputs the encryption key in place of the session key. Decrypting the session key with the decryption common key,
A public key decryption method, wherein the first encrypting means inputs the ciphertext in place of the plaintext and decrypts the plaintext with the session key decrypted by the second encrypting means. .

[9] The public key cryptosystem according to [7], wherein the session key generation means uses a random number generated internally as the session key.

[10] The public key decryption method according to [8], wherein the session key generation means uses a random number generated internally as the session key.

[0023]

DESCRIPTION OF THE PREFERRED EMBODIMENTS Next, embodiments of the present invention will be described.
The present invention will be described in more detail. First, an encryption device according to an embodiment of the present invention will be described with reference to FIGS. FIG. 1 is a diagram showing a procedure of an encryption process by an encryption algorithm in the encryption device, and reference numerals 1 to 11 represent processing steps. In the figure, step 1 is key (K) input, step 2 is key initial conversion, step 3 is digital chaos signal generation, step 4 is chaos filtering, step 5 is key sequence (Kc) generation, and step 6 is plain text (P ) Input, Step 7 is primary encryption, Step 8
Is an internal vector (V) generation, step 9 is secondary encryption, step 10 is final conversion, and step 11 is ciphertext (KcPVE) output. In step 1, the key K is input, and in step 2, the key K is initially converted with respect to the key K input in step 1 to generate an initial conversion key Kh. Hereinafter, in the encryption algorithm of FIG. 1, processing proceeds as shown in FIG. Hereinafter, an encryption algorithm applied to the encryption device according to the present embodiment will be described in detail with reference to FIGS.

FIG. 2 is a diagram showing a configuration of an encryption algorithm in the encryption device. In this figure, 102 is a key initial conversion unit, 103 is a digital chaos signal (C) generation unit, 104 is a chaos filter, 105 is an exclusive OR operation unit, 107 is a primary encryption unit, and 108 is an internal vector ( V) a generation unit, 109 is a secondary encryption unit, 110 is a final conversion unit, 1041 is an integer value conversion unit, and 1042 is a binary coding processing unit. Each unit in FIG. 2 performs the process of the step having the corresponding name in FIG.

The encryption device of the present invention employs a chaos encryption method, and uses a chaos signal for generating a stream key. In the present invention, a predetermined chaos function is incorporated into a cryptographic algorithm, and the chaos function is digitally processed to generate a chaos signal. Therefore, the chaotic signal handled in the present invention is a digital chaotic signal. Further, since the chaotic signal is generated in a floating-point format, the chaotic signal in the present invention is a digital non-linear chaotic signal in a floating-point format.

In the following description, P (i) is a plaintext serving as input data, S (i) is a signal sentence, K (j) is a key, and C (i) is a digital chaos signal. P (i) and C (i) are data processed in units of bytes, and have a length of n bytes. K
(i) is a character string composed of ASCII codes (for example, a to z,
0 to 9), and its length is m. That is, 0 <i ≦ n, 0 <j ≦ m
It is. In this embodiment, the key K is input to the key initial conversion unit 102 by a user from a keyboard or the like. According to the procedure described below, the digital chaos signal C is generated according to the key K.

First, the key initial conversion unit 102 divides the key K, which is a character string of an arbitrary length, input by the user into an arbitrary byte length, and converts the key into an initial conversion key Kh (corresponding to the above-described first key sequence. ). The initial conversion key Kh is a binary code. The digital chaos signal generation unit 103 obtains an initial value init of the chaos function using the key Kh. This initial value init can be obtained by various methods. For example, the user enters the key K,
In response to this key K, the initial conversion key K
It is assumed that a numerical value of 1234567890 has been output as h. The condition of the initial value init is to satisfy an arbitrary length m. Therefore, if m is 1, the initial value init may be only the first 1 in the key K, or may be 6 or 0. Of course, if the arbitrary length m is two digits, 12
If the arbitrary length m is specified to be long, the value consisting of all the characters constituting the key K may be set as the initial value init.

The digital chaos signal generation unit 103 includes an initial value init of the chaos function obtained by this processing and a parameter α of the chaos function set in advance (a plurality of parameters are also possible).
And a chaotic function are used to generate a non-linear digital chaotic signal C. Thus, the digital chaos signal C
Is generated based on a chaos function initial value derived from the key K, a chaos function parameter, and a chaos function.

Various chaos functions can be substituted for the chaos function used in the digital chaos signal generator 103. If a chaos function having properties more suitable for the present invention is found, the function is used in this embodiment. Just by applying, it is expected that the encryption strength and the processing speed will be improved.

For example, a logistic map, which is a typical chaos function, can be defined as follows. X (i + 1) = αX (i) (1-X (i)) where α is a motion parameter and a parameter of a chaotic function. In the present embodiment, an attractor (strange attractor) unique to chaos is controlled using this α. When this logistic mapping is used in the present embodiment, X (1) is an initial value init. FIG. 4 is a diagram illustrating the irregularity of the logistic mapping with i being the horizontal axis and X (i) being the vertical axis. FIG. 5 is a characteristic diagram of the logistic mapping in which X (i) is plotted on the horizontal axis and X (i + 1) is plotted on the horizontal axis. As illustrated in FIG. 5, in the logistic mapping, there are extremely many values of X (i + 1) on the vertical axis corresponding to X (i) on the horizontal axis, and FIG. +1) is difficult to predict.

The digital chaotic signal is represented in a floating point format. Therefore, in the encryption algorithm according to the present embodiment, it is necessary to process a digital chaotic signal in a floating-point format. Since the exclusive OR operation unit 105 cannot handle the floating point, the exclusive OR operation unit 105 is provided with a chaos filter 104, which converts the digital chaos signal C in the floating point format into a binary code.

Normally, in the case of an apparatus capable of performing floating-point processing, such as a computer used in an Internet connection environment, a floating-point arithmetic processing unit can be included in the encryption algorithm. However, some Java for mobile phones and other small electronic devices cannot perform floating-point operations, so it is necessary to convert floating-point numbers to integer values by other operations. The operation of converting floating-point data to an integer value is an important point for implementing a chaotic signal as a cryptosystem (chaotic coding). In this embodiment, the chaos filter 104 converts floating-point data into integer values.

In the present embodiment, the processing in the chaos filter 104 is roughly divided into a chaos coding processing (floating point calculation part) and a binary coding processing. First, the chaos coding process is performed by the integer value conversion unit 1041.
Digital chaos signal C is IEEE single precision (in C language,
float) or IEEE double precision (double in C language). Now, assuming that the encryption algorithm in this embodiment is programmed in C language, this float
Converts the type or double type to a character such as char once, and returns 0
And values other than 0.0 are extracted. By converting the extracted numeric part into an integer value such as a long type, the floating point is converted to an integer value, and the actual chaos coding process is performed. Of course, this processing itself is simple and lightweight in terms of a program, and the processing execution speed is high.
The integer value conversion unit 1041 converts the digital chaotic signal C in the floating-point format into an integer, and outputs an integer-converted digital chaotic signal C _I.

For example, when the value of the digital chaos signal C is
In the case of a floating point (float type) of 0.012345..., First, a decimal number of 0.012345 is cut out from the floating point (float type) of 0.012345. Type). Next, 0 and 0.0 are deleted, the character 12345 (char type) is extracted, and converted to a numerical value (long type) 12345 again. This 1234
5 is an integer value. FIG. 6 shows an example of simplified data in order to facilitate understanding of input / output data in the processing performed in the embodiment shown in FIGS.

Next, the binary encoding processing is performed by a binary encoding processing unit.
Performed at 1042. The binary coding is to express a value of a bit position which is a minimum unit in a specific signal or a character as a code by a binary code (or a binary number). In other words, this processing is to divide each data into the minimum unit so that the exclusive OR operation unit 105 performs the arithmetic processing using the initial conversion key Kh and the digital chaos signal D. When the integer digital chaos signal C _I is 12345,
The binary coded digital chaotic signal D output from the binary coding processing unit 1042 is 00110001, 001001
0,00110011,0110100,001101
01.

The exclusive OR operation unit 105 performs an exclusive OR operation on the bit by bit basis of the binary coded digital chaos signal output from the binary coding processing unit 1042 and the key Kh of the binary code. , A key sequence Kc (the above-described second key sequence).

Next, the operation of the exclusive OR operation unit 105 and the primary encryption unit 107 will be described using simple data as an example.
Now, a case where the key K is input, the initial return key Kh at this time is “a”, and the plaintext P is input as “HELLO” will be described.

The digital chaos signal C generated by the digital chaos signal generator 103 is supplied to a chaos filter 104. The chaos filter 104 is a digital chaos signal C
, The generation of the binary coded digital chaos signal D is repeated until the length becomes equal to the plaintext P. Now, since the plaintext P is “HELLO” having five characters, the binary coded digital chaos signal D also has five characters. The five characters constituting the binary coded digital chaos signal D are tentatively designated as 1, 2, 3, 4, and 5, respectively. That is, the chaos filter 10
4 is a binary coded digital chaotic signal D, D ₁ =
It is assumed that five characters of 1, D ₂ = 2, D ₃ = 3, D ₄ = 4, and D ₅ = 5 are output.

The exclusive OR operation unit 105 calculates the initial return key Kh
The key sequence Kc is generated by exclusive ORing the binary code of “a” and the binary code of each character of the digital chaos signal D. More specifically, the exclusive OR operation unit 105 performs the following processing. The binary code of the key “a” (01
The key sequence Kc ₁ (01010000) is generated by exclusive OR processing of the binary code (00110001) of D ₁ obtained from the digital chaos signal with the digital chaotic signal. The binary code of the key “a” (0110
0001) and by exclusive-ORing the binary code of the D ₂ obtained from the digital chaos signal (00110010), the key sequence K
Generate c ₂ (01010011). Binary code of key "a" (011000
01) and the exclusive OR processing with the binary code of the D ₃ obtained from the digital chaos signal (00110011), the key sequence Kc
₃ Generate (01010010). The binary code of the key “a” (0110000
The exclusive OR process between 1) and the binary code of the D ₄ obtained from the digital chaos signal (00,110,100), the key sequence Kc
₄ Generate (01010101). The binary code of the key “a” (0110000
The exclusive OR process between 1) a binary code D ₅ obtained from the digital chaos signal (00110101), the key sequence Kc
₅ Generate (01010100).

Primary encryption section 107 and secondary encryption section 1
The configuration composed of both the components 08 corresponds to the above-described encryption operation means. In the primary encryption processing by the primary encryption unit 107, the plaintext P input by the user is subjected to binary encoding, and the key sequence Kc (binary encoding) output from the exclusive OR operation unit 105 is used. ) And the plaintext P are subjected to exclusive OR operation in bit units. The data obtained by the primary encryption processing is output as a primary encrypted text KcP.

In the above data example, the generated key sequence K
The exclusive OR processing of c and the plaintext P is performed as follows. Decompose "HELLO" in plaintext P into individual characters, and
The binary code (01001000) and exclusive OR processing with the binary code of Kc ₁ obtained from the key sequence (01010000) of the
Generate the primary ciphertext KcP ₁ (00011000). A first cipher text KcP ₂ (00010110) is generated by an exclusive OR operation of the binary code of E (01000101) and the binary code of Kc ₂ (01010011) obtained from the key sequence. L binary code (010011
00) and the binary code of Kc ₃ obtained from the key sequence (0101001
0) and the first ciphertext KcP ₃
(00011110) is generated. By performing an exclusive OR operation on the binary code of L (01001100) and the binary code of Kc ₄ (01010101) obtained from the key sequence, the first ciphertext KcP ₄ (0001100
1) Generate. The first ciphertext KcP ₅ (00011011) is generated by performing an exclusive OR operation on the binary code of O (01001111) and the binary code of Kc ₅ (01010100) obtained from the key sequence.

In the ordinary stream symmetric encryption method, the entire encryption processing is completed in the first encryption processing step, and the obtained data is output as ciphertext KcP.
In the present embodiment, an internal vector generation unit 108 generates the encrypted text KcPV independently, and a secondary encryption unit 109 performs an arithmetic operation on the unique vector data V and the encrypted text KcP to generate an encrypted text KcPV. .

The internal vector data V is unique vector data having a constant periodicity and dynamically changing. The internal vector data V is generated based on the initial value. This initial value is the plaintext P or key K initially input by the user, the digital chaos signal C generated inside the encryption algorithm of the present embodiment, the key sequence Kc obtained by internal arithmetic processing, or the encryption. First of the conversion operation means
Data selected from data unique to each process, such as the primary ciphertext KcP determined by the encryption process, is used as internal unique data, and all or part of the internal unique data is selected. That is, the initial value is generated by converting the data length based on the internal unique data having a fixed data length. , Which are anomalous from the fixed length of each data.

Of course, the initial value may be configured by combining a plurality of internal unique data. This initial value is stored in the encryption processing register. In this storage, the type of the internal unique data on which the initial value is generated is also stored.

The secondary encryption unit 109 performs a binary encoding process on the internal vector data V, and performs an exclusive OR operation with the primary encrypted text KcP output from the primary encryption unit 107. The data obtained from the secondary encryption processing is generated as a secondary encrypted text KcPV. This secondary encryption processing can be executed by a light program, but the encryption strength is increased without deteriorating the encryption processing speed by the dynamically changing internal vector data V.

According to the above example, specific data will be given.
An example of the second encryption processing will be described. In this description, the internal vector
The initial value of the torque data V is
Select Lucas signal C and start digital chaos signal C
2 digits of “12” as the initial value, and this initial value is automatically
It is a vector to be raised. First, the registry for encryption
The selected initial value “12” is stored in the
Until the number of characters equals
Now. Now, since the plaintext P has 5 characters,
First, 12 is selected, then 12²= 144 is calculated
5 characters "12144" are the internal vector data
Is output. That is, V ₁= 1, V₂
= 2, V₃= 1, V₄= 4, V₅= Output 4 and 5 characters
I assume it.

In the secondary encryption processing, the generated primary encrypted text KcP and the internal vector data V are subjected to exclusive OR processing. First Tsugikura ciphertext KCP ₁ binary code (00011000)
And the exclusive OR processing with the binary code of the vector _{V 1} (00110001), generating a second Tsugikura ciphertext KcPV ₁ (00101001). The exclusive OR process between first Tsugikura ciphertext KCP ₂ binary code (00010110) and binary code of the vector _{V 2} (00110010), generating a second Tsugikura ciphertext KcPV ₂ (00100100). The exclusive OR processing with the binary code (00110001) of the first Tsugikura ciphertext binary code of KCP ₃ (00011110) and the vector _{V 3,} generates a second Tsugikura ciphertext KcPV ₃ (00101111). The exclusive OR processing with the binary code of the first Tsugikura ciphertext KCP binary code of ₄ (00011001) and the vector _{V 4} (00110100), second Tsugikura ciphertext KcPV ₄ generates a (00101101). The exclusive OR of the binary code (00110100) of the binary code (00011011) and the vector _{V 5} of the first Tsugikura ciphertext KCP _5, generating a second Tsugikura ciphertext KcPV ₅ (00101111).

In the final conversion section 110, this secondary ciphertext Kc
The PV is further agitated to generate a final ciphertext KcPVE and complete the encryption. There are various stirring methods, and at least one of the stirring methods is performed at least once. For example, the output second
There is a bit exchange method for exchanging the left and right 4 bits of the next ciphertext KcPV. In the bit exchange method, the second ciphertext KcPV
₁ (00101001) is divided into (0010) and (1001), and (1001)
Replace with (0010) and output as (10010010). Or
There is a bit shift method that shifts output bits according to a specific constant law. In this bit shift method, the first bit shifts to the second bit, the second bit shifts to the third bit, and so on.
The last 8th bit is shifted to the 1st bit. That is, the second cipher text KcPV ₁ (00101001) is output as (01010010).

The encryption algorithm of the present invention is a symmetric key type encryption system, and the encryption key and the decryption key are common. That is, the decryption is completed by performing the same processing procedure as the above-described encryption. For example, if the same key K as that used for the above encryption is input, the initial value init of the chaos function becomes the exact same value, and is generated.
In the following key sequence generation, the same value is generated in the primary encryption processing and the secondary encryption processing.

As described above, in the common key cryptosystem, since the same key is used for encryption / decryption, there are problems such as complicated key management and leakage at the time of key transmission. On the other hand, in the public key cryptosystem, the above problem is solved because the encryption key and the decryption key are different keys. The public key cryptosystem is convenient for the user because he or she does not have to worry about key management and leakage at the time of key transmission.

At present, various techniques have been developed in order to reduce the key management (the details are described in the following reference [TK90]). In the present embodiment, the specifications are now open to the public, and Diffie, which has a reputation for achievements and safety.
A public key cryptosystem is realized by using a Hellman key exchange system (hereinafter referred to as a DH method). FIG. 3 is a diagram showing a public key cryptosystem according to an embodiment of the present invention to which the DH method is applied.

The DH method was first described in 1976 by Stanford University, W.S. Diffie and M.S. E. FIG. It is a key exchange method (also called a key distribution method) based on the current public key method, which is a method of securely transferring keys devised by Hillman. The following reference [DH76] has a detailed description. The public key cryptosystem in this specification includes a cryptosystem called a key exchange system or a key distribution system in addition to a cryptosystem called a public key system (including a DH method). The classification of the encryption method is described in detail in the following references [K061], [FUM100] and [ipa].

The public key cryptosystem must be one that can be easily encrypted, but difficult to decrypt. Therefore,
When C is ciphertext, M is plaintext, f is an encryption function, and f ^-1 is an inverse encryption function (decryption function), mathematically C = f
Although (M) can be easily performed, the calculation of the inverse transformation M = f ^-1 (C) must be very difficult. That is,
If you know the encryption key and the encryption function, you can easily create a ciphertext, but the decryption key must be difficult to find.
Hereinafter, the DH method will be described with a specific example.

As described in Tatsuaki Okamoto and Hiroshi Yamamoto, modern cryptography (Sangyo Tosho 1997), in the DH method, the prime p
Is generated, the element g in the multiplicative group Z ^* _p is determined, and these values are made public as parameters common to the system. According to the following procedure, the key is shared between the user A and the user B using a communication channel that may be eavesdropped. A is a random number X∈Z
Generate _p-1 and a = g ^x Calculate mod _p . A sends B to B. B generates a random number Y∈Z _p−1 , and b =
g ^y Calculate mod _p . B sends b to A. A is k
Calculate _a = b ^× mod _p, and let k be the common key between B and b. B calculates k _b = a ^y mod _p, and uses k as a common key with A. A is Therefore, k _a = k _b and the key can be shared between A and B. For example, when the prime number p = 11 and the original element g = 6. As 4 random numbers A is 3, B a random number decided decided sends a remainder 7 at 11 A is 6 ³ B. Also, B
Sends a remainder 9 of 11 ^{6 4} A. A calculates on the basis of 9 sent from B, and obtains the remainder 3 of 9 ³ at 11.
B also computed based on the 7 sent from A, 7 ⁴ 1
The remainder 3 at 1 can be obtained. From the above, 3 which is a common key can be derived.

DH can be decoded only when the discrete logarithm problem can be solved. In the above example, simple integers have been described. However, it is difficult to analyze and decipher the number when it becomes 100 or 200 digits. At present, there is no effective solution for this problem. Is also safe. The following reference [NK99] details this point.

The algorithm for converting to the public key method (hereinafter referred to as the public key algorithm) is processed separately by the sender and the receiver. The transmitting side is provided with a common key generation unit and a transmission unit. The common key generation process in the common key generation means is divided into a common key generation process and an encryption process. After the encryption processing, transmission is performed to the receiver by the transmission means. The receiver receives the data transmitted from the sender by the receiving means, and generates a common key by the common key generation means similar to the sender. After generating the common key, the received data is decrypted by performing decryption processing instead of encryption processing.

Referring now to FIG. 3, a description will be given of a procedure of encryption and decryption performed by a public key cryptosystem according to an embodiment of the present invention. In FIG. 3, 301 and 304 are DH
Algorithms 302, 303, 305, and 306 are encryption algorithms. The encryption algorithms 302, 303, 305, and 306 are the encryption algorithms shown in FIGS. 1 and 2 (the embodiments of the present invention).
It is. FIG. 1 and FIG. 2 show an encryption device, but since this encryption device is substantially composed of an encryption algorithm,
1 and 2 show the encryption algorithm.

When users a and b use the public key cryptosystem shown in FIG. 3 to transmit and receive data, the transmitting user is a (hereinafter referred to as a sender a), and the receiving user is b (hereinafter referred to as b). , The recipient b) encrypts the data that the sender a wants to transmit using its own private key, the secret key SKa, the public key of the recipient b, and the public key PKb. I do. It should be noted that the public key PKb is disclosed on the Internet in an environment connected to the Internet, and is publicly disclosed in the environment in other environments.
If you want to use the public key cryptosystem, you can always get it. Since the data that can be handled by the encryption device of FIGS. 1 and 2 is multimedia data, data transmitted by the public key encryption method of FIG. 3 (data handled by the public key encryption method of FIG. 3) is text data, binary data, Multimedia data such as data.

The common key generation process is described in D. H algorithm 301
Is processed. Sender a, entered by sender a
From the secret key SKa of the receiver b and the public key PKb of the receiver b, the common key comK is obtained based on the DH method. Generated by the H algorithm 301. This common key comK corresponds to the key K in the encryption algorithm in the embodiment shown in FIGS. That is, at this stage, the conversion from the public key cryptosystem (asymmetric cryptosystem) to the common key cryptosystem (symmetric cryptosystem) is performed.

Random number SeK (corresponding to the above-mentioned session key)
Is generated for each encryption process inside the public key algorithm of FIG. The value of the random number SeK differs for each encryption process.
The random number SeK is used for the encryption operation of the common key comK generated inside the DH algorithm 301 and the plaintext P input by the user. Since the random number used in the encryption places importance on the unpredictability, it is premised that a condition that other bits from an arbitrary part of the random number sequence cannot be estimated by the polynomial calculation amount (unpredictability) is satisfied.

A discrete variable X of length n is unpredictable:
For any polynomial calculation algorithm A and any integer c, there is an integer N, and for any n greater than N, (However, w and a are non-overlapping parts of X.) This condition is difficult because of the implementation level. It is said that it can be used as a random number. There is a detailed description in the following reference [OK93]. Equal frequency of 0 and 1 (balance) Long periodicity Non-linearity Non-correlation Linear complexity is large In this embodiment, the definition of the pseudorandom number is satisfied by the nonlinear digital chaotic signal in the cryptographic algorithms 302, 303, 305, and 306. Therefore, a simple random number is sufficient as the random number SeK used in the public key cryptosystem of FIG. That is,
Since the definition of the pseudo-random number is satisfied by the nonlinear digital chaos signal, a simple random number SeK is used to improve the processing speed in the public key system. In the following description, a real number is described, but the nonlinear digital chaotic signal satisfies this condition. Note that the random number SeK used in the present embodiment corresponds to a session key in the asymmetric encryption method.

As described above, processing within the present public key algorithm is performed by the common key cryptosystem (symmetric cryptosystem) shown in the embodiment of FIGS. In FIG. 3, the algorithms for realizing the common key cryptosystem are shown as cryptographic algorithms 302, 303, 305 and 306. Each of these encryption algorithms 302, 303, 305 and 306 has the same configuration as those in FIGS.

In the encryption algorithm 302, the common key comK generated by the DH algorithm 301 is used as a key K,
An encryption process is performed using the random number SeK as a plaintext P. The key encrypted by this processing, that is, the encryption key comK +
Generate SeK.

As described above, this common key comK
Corresponds to the key K in the encryption algorithm shown in FIG. 1 and FIG. 2, so that the key K in the common key encryption method (symmetric encryption method) used in the decryption process necessary for the receiver is secured. This means that the data is encrypted with a random number generated uniquely for each process so that the data can be exchanged. That is, the generated encryption key comK + SeK is an encrypted common key. Therefore, even if this encryption key is intercepted by a third party, it cannot be decrypted because it is generated from the random number SeK generated uniquely for each process. Of course, even if the public key PKa of the sender a and the public key PKb of the receiver b are obtained by a third party, the third party cannot generate the common key comK and cannot decrypt it.

Further, the encryption algorithm 303 in FIG.
On the transmitting side, the plaintext P input by the sender a
Is encrypted using the random number SeK as a key K of the common key method (the encryption algorithm of the present invention), and a ciphertext P + SeK is generated. There is no danger of decryption, the encryption key comK
Same as + SeK. Note that the public key cryptosystem in FIG. 3 uses the ciphertext P + Se simultaneously with the encryption key comK + SeK.
Since K is also generated, the random number SeK uniquely generated for each process is used in two ways.

The ciphertext P + SeK and the common key necessary for decryption, that is, the encryption key comK + SeK are output to the outside by the transmission means. Various methods are known as an output method to the outside, that is, a method of passing the ciphertext and the common key to the receiving means. When the transmitting means and the receiving means are connected via a network, the transmitting means has a function of transmitting the cipher text and the common key to the network according to a predetermined protocol.

When transmitting the cipher text and the common key from the transmitting means to the receiving means by wireless communication, the transmitting means has a function of modulating and transmitting the cipher text and the common key. When the cipher text and the common key are stored and transferred in a portable storage medium, the transmitting unit has a function of writing the cipher text and the common key to the storage medium.

The receiving means receives the ciphertext P + SeK generated by the transmitting means and the common key required for decryption, that is, the encryption key comK + SeK. Various methods are known as an input method, that is, a method of passing a ciphertext and a common key to a decryption device.

When connecting to the transmitting means via a network, the receiving means has a function of receiving information transferred via the network and extracting a cipher text and a common key. When receiving the cipher text and the common key from the transmitting means by wireless communication, the receiving means has a function of receiving and demodulating the propagated signal and extracting the cipher text and the common key. When the cipher text and the common key are stored and transferred in a portable storage medium, the receiving unit has a function of reading the cipher text and the common key from the storage medium.

The decryption processing can be realized by sequentially performing the reverse processing of the encryption processing. First, the common key encryption process
D. This is performed by the H algorithm 304. D. In the H algorithm 304, the receiver b uses the public key PKa of the sender a and the secret key SKb of the receiver b based on the DH method to obtain a common key com.
K is generated inside the public key decryption means. This common key co
mK corresponds to the key K in the encryption algorithm of the present invention (FIGS. 1 and 2). That is, at this stage, the conversion from the public key cryptosystem (asymmetric cryptosystem) to the common key cryptosystem (symmetric cryptosystem) is performed.

Next, in the encryption algorithm 305 of FIG. 3, the encryption key comK + SeK transmitted from the sender a is decrypted by the encryption algorithm of the embodiment shown in FIGS. 1 and 2 using the common key comK. Of course,
Data decrypted by the encryption algorithm 305 is a random number SeK
Is generated as The generated random number SeK is a key necessary for decrypting the plaintext P, and is used as a key K in the encryption algorithm of the embodiment shown in FIGS.

Further, in the encryption algorithm 306,
With the random number SeK, the cipher text (P + SeK) is decrypted,
Output plaintext P.

By the above processing, the public key cryptosystem of FIG. 3 provides a stream type cryptosystem using a digital chaos signal. As is clear from the above description of the embodiments, the following effects are brought about by implementing the present invention. (1) As described above, since the chaos function itself can be substituted, the basic encryption algorithm can be easily updated. (2) Since it is a stream-type encryption system, continuous encryption processing can be provided, and high-speed and large-volume data encryption processing of the Internet, which will be developed in the future, can be performed. (3) For the same reason, processing can be performed without being conscious of language data such as English, Japanese, and Chinese, so that a worldwide encryption system can be provided. (4) For the same reason, multimedia data such as text data and binary data can be similarly processed. (5) The decryption process can be performed at high speed without referring to data other than the key during the decryption process. (6) Since the key has a variable length, the user can freely select the encryption processing speed and the encryption strength. (7) Select the encryption processing speed and encryption strength, and
Enables use in small electronic devices such as mobile phones connected to the Internet.

Since the present invention generates a key sequence from a variable-length key, it has a strong resistance to the exhaustive search attack method. In the case of DES, key management technology is used. However, in DES, since the key is used as it is for the encryption key, the key theoretically consists of 256 key spaces, but the key space that can actually be used for keys is only 95 of the ASCII code. Absent. Since the encryption key that can be used in the present invention consists of all ASCII codes (256 key spaces) except 0x00, the fixed-length method (FEAL-8, DE
The present invention is superior to S).

[0075] For example, when using a brute force attack attempts to crack the present invention, the length of the key K is 128bit, when the attempt to decode the current computer, it takes 10 ¹⁹⁹⁶ Time Become. In addition, the chaos encryption method is generated from a simple function, so that the arithmetic processing is fast. That is, since it is a cryptosystem such as 3DES that can guarantee the cryptographic strength without requiring repetition, the encryption / decryption processing can be performed at high speed.

Further, in the present invention, the key length can be logically increased to infinity. In a conventional cryptosystem, a key length that requires time for key generation due to repetitive calculation cannot be processed unless it is a fixed length. For example, an RSA that processes a key value as exponentiation calculation requires a processing time that is ten times or more as large as that of the present invention, because the cryptographic processing speed situation greatly depends on the key length.

FIG. 7 is a diagram showing the appearance frequency distribution of 0 and 1 according to the embodiment shown in FIGS. As is clear from the figure, according to the present embodiment, regardless of the appearance frequency of 0 and 1 in the file (plaintext) to be encrypted,
In cipher text, the appearance frequency of 0 and 1 is near 50%. Therefore, when an image or the like is encrypted by the encryption device of the present invention, periodicity does not easily appear in the cipher text. Even in comparison with a cryptosystem using the same chaos function, the present invention is superior in terms of equal frequency of 0 and 1 and processing speed.

[0078]

According to the present invention, the processing speed and the encryption strength can be selected according to the needs of the user, and the chaos encryption technology can be used. It is an object of the present invention to provide an encryption method that can be used for telephones, employs a variable-length key, makes it difficult for cipher text such as images to have periodicity, and can easily update a basic algorithm. Further, according to the present invention, it is possible to provide a public key cryptosystem adopting the cryptosystem. Conventional encryption technology is an alternative to prioritize security strength or processing speed.
There is no system that has both sides, and there is no lightweight and high-speed encryption system that is required when implementing small electronic devices such as mobile phones as Internet terminals. The present invention solves the above-mentioned problems of the prior art, and is an encryption method that can realize a high security strength, a high processing speed, and a lightweight encryption algorithm program itself.

In the above description, those described as references with detailed explanations are listed below. [AI90] Kazuyuki Aihara Chaos Basics and applications of chaos theory
Science Inc. 1990 [AI00] Edited by Kazuyuki Aihara Toru Ikeguchi, Taiji Yamada, Motomasa Komuro
Basics and Applications of Chaotic Time Series Analysis Sangyo Tosho 2000 [NK97] Translated by Koichi Sakurai Introduction to Number Theory Algorithms and Elliptic Cryptography Chapter 3. Cryptographic Theory Springer Verlag Tokyo [NK97] Translated by Koichi Sakurai Introduction to Number Theory Algorithms and Elliptic Cryptography Chapter 4. Public key cryptosystem Springer Verlag Tokyo [TK90] Supervised by Shigeo Tsujii and Masao Kasahara: "Cryptography and Information Security" Shokodo, 1990 List of asymmetric cryptography [DH76] Diffie, W. and Hellman, ME .: New directions i
n cryptography, IEEE Trans.on Information Theory, V
ol.IT-22, No.6, pp.644-654,1976 [OK93] Eiji Okamoto Introduction to Cryptography Theory Chapter 4. Random Numbers for Cryptography Kyoritsu Shuppan 1993 [NK99] Akira Hayashi Translation Algebra Theory of Cryptography Chapter 1. Cryptography Springer Verlag Tokyo Co., Ltd. [KO61] Shinichi Ikeno, Kenji Koyama Modern cryptography Chapter 5
Public key cryptography IEICE S61 [FUMI00] Fumiko Komatsu et al. PKI Handbook Part 1 P
Basic knowledge of KI (Public key cryptographic infrastructure) Soft Research Center 2000 [ipa] Multiplicative Processing Promotion Association Cryptography related site htt
p: //www.ipa.go.jp/security/enc/CRYPTREC/index.html

[Brief description of the drawings]

FIG. 1 is a diagram illustrating an encryption device according to an embodiment of the present invention, and particularly illustrating a procedure of an encryption process using an encryption algorithm in the encryption device.

FIG. 2 is a diagram illustrating a configuration of an encryption algorithm in the encryption device of FIG. 1;

FIG. 3 is a diagram showing a public key cryptosystem according to an embodiment of the present invention.

FIG. 4 is a diagram illustrating the irregularity of the logistic mapping with i being the horizontal axis and X (i) being the vertical axis.

FIG. 5 is a characteristic diagram of a logistic mapping in which X (i) is plotted on the horizontal axis and X (i + 1) is plotted on the horizontal axis.

FIG. 6 is a diagram showing an example of input / output data in the processing performed in the embodiment shown in FIGS. 1 and 2;

FIG. 7 shows 0, 1 according to the embodiment shown in FIGS. 1 and 2;
Is a diagram showing the appearance frequency distribution of

[Explanation of symbols]

 1 Key input (K) input 2 Key initial conversion 3 Digital chaos signal generation 4 Chaos filtering 5 Key sequence (Kc) generation 6 Plaintext (P) input 7 Primary encryption 8 Internal vector (V) generation 9 Secondary encryption 10 · Final conversion 11 · · · · Ciphertext (KcPVE) output 102 · · · · · Key initial conversion unit 103 · · · · Digital chaos signal (C) generation unit 104 · · · · · Chaos filter 105 · · · ... Exclusive OR operation unit 107 Primary encryption unit 108 Internal vector (V) generation unit 109 Secondary encryption unit 110 ..Final conversion unit 1041 ... integer value conversion unit 1042 ... binary encoding processing unit 301,304 ... DH algorithm 302,303,305,306 ..... cryptographic algorithm

Claims (10)

[Claims] 1. A chaos generating means for generating a floating-point digital nonlinear chaotic signal based on a chaotic function initial value, a chaotic function parameter and a chaotic function associated with a common key, and converting the digital nonlinear chaotic signal into an integer format. An integerizing means for generating an integerized digital nonlinear chaotic signal; a binary encoding means for converting the integerized digital nonlinear chaotic signal into a binary code to generate a binary encoded digital nonlinear chaotic signal; First derived from
Exclusive OR operation means for generating a second key sequence by exclusive OR operation of the key sequence of the above and the binary coded digital chaos signal, and operation of the input plaintext and the second key sequence An encryption device, comprising: encryption operation means for generating a cipher text by processing. 2. The encryption operation means comprises a primary encryption unit and a secondary encryption unit, wherein the primary encryption unit performs an exclusive OR operation on a plaintext and the second key sequence. A primary ciphertext is generated by an operation, and the secondary encryption unit generates a secondary ciphertext by an exclusive OR operation of the primary ciphertext and vector data. Item 2. The encryption device according to Item 1. 3. An internal vector generating unit, wherein the internal vector generating unit includes the common key, the digital nonlinear chaotic signal, the integer digital nonlinear chaotic signal, the binary coded digital nonlinear chaotic signal, the plaintext, Converting at least one of the primary ciphertext, the secondary ciphertext, and other data, which is input data input in the process of generating the ciphertext or internal data internally generated, into internal unique data; 3. The vector data is generated based on the initial value by selecting a part or all of the internal unique data as an initial value.
An encryption device according to claim 1. 4. The internal vector generating unit generates the initial value by processing the internal unique data, sets the data length of the initial value to a length different from the fixed data length of the internal unique data, The encryption device according to claim 3, wherein the vector data having the same data length as the primary ciphertext is generated based on an initial value. 5. The integer conversion means converts the floating-point digital non-linear chaos signal output from the chaos generation means into a character string, and converts the character string into integer data by converting the character string into integer data. The cryptographic device according to claim 1, wherein the cryptographic device generates a digital nonlinear chaotic signal. 6. A decryption device for decrypting a ciphertext generated by the cryptographic device according to any one of claims 1 to 5, which has the same configuration as that of the cryptographic device according to any one of claims 1 to 5, wherein the plaintext is replaced with the plaintext. A decryption apparatus for inputting the ciphertext and decrypting the input ciphertext with the same common key as the common key used in the encryption apparatus according to claim 1. 7. A common key generation means for generating a common key from a secret key of a sender and a public key of a receiver, a session key generation means for generating a session key, a first encryption means,
Second encryption means, wherein the first encryption means generates a ciphertext by encrypting a plaintext with the session key, and wherein the second encryption means generates the ciphertext with the common key. A public key cryptosystem for generating an encryption key by encrypting a public key, wherein said first and second encryption means are the cryptographic devices according to claim 1 to 5. . 8. A public key decryption method for decrypting a ciphertext generated by the public key encryption method according to claim 7, wherein the configuration is the same as that of the public key encryption method according to claim 7; A key generation unit that generates a common key for decryption from the public key of the sender and a secret key of the receiver, the second encryption unit inputs the encryption key in place of the session key, Decrypting the session key with a decryption common key, the first encryption unit inputs the ciphertext instead of the plaintext, and uses the session key decrypted by the second encryption unit to decrypt the plaintext. Public key decryption method characterized by decrypting a public key. 9. The public key cryptosystem according to claim 7, wherein said session key generation means uses a internally generated random number as said session key. 10. The public key decryption method according to claim 8, wherein said session key generation means uses a random number generated internally as said session key.