JP2008252349A - Communication method and communication system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a ciphering method of communication for securing sufficient secrecy without putting burdens requiring processing both on the transmission side and on the reception side of the communication so much, and a communication system. <P>SOLUTION: Plain text data and cipher key data are multi-dimensionally arrayed, the array of the plain text data is shifted by the first system of performing a prescribed shift or shift combination in at least one of multiple dimensions, the array of the cipher key data is shifted by the second system of performing the prescribed shift or shift combination in at least one of the multiple dimensions different from the first system further, then the plain text data shifted by the first system are ciphered by using the cipher key data shifted by the second system. <P>COPYRIGHT: (C)2009,JPO&INPIT

Description

  The present invention relates to a communication method and a communication system, and more particularly, to a communication method and a communication system that perform encrypted communication.

  When data is transmitted and received between information communication terminals and the like, various encryption methods are currently proposed in order to increase the confidentiality of the communication. Especially in wireless communication, since it is relatively easy to eavesdrop on a packet of information used for communication, even if the packet is eavesdropped, it is difficult to decipher the contents, and the data sender and receiver Encryption technology that establishes a secure communication path between the two is extremely important in an advanced information society.

  At present, there are two typical encryption techniques: a common key encryption system and a public key encryption system.

  In the common key cryptosystem, both the data sender and the receiver hold the same key, and encryption and decryption are performed using the same key. Typical examples of the common key cryptosystem include DES (Data Encryption Standard), AES (Advanced Encryption Standard), and RC4. Hereinafter, an outline of this method will be described with reference to the drawings.

  As shown in FIG. 7, first, the “information transmitting side” that performs encryption performs one-way encryption key conversion processing using a hash function or the like on the common key data and the common parameters, and sequentially generates encryption keys. To do. Here, this sequential encryption key can be considered as a “common key”. Using this common key, a ciphertext is generated by calculating an exclusive OR of plaintext data before encryption. This exclusive OR will be described later. On the other hand, the “information receiving side” that decrypts the encrypted information uses an exclusive OR of the ciphertext data using the same common key as the key used for encryption. The plaintext data can be obtained by calculating. However, the receiving side that performs decryption needs to acquire a common key from the transmitting side in advance in performing this encrypted communication. For this reason, if an eavesdropping is performed by a third party at the time of delivery of the common key, there is a risk that subsequent encrypted communication can be easily decrypted.

  Therefore, in order to increase the security strength of information communication, the public key cryptosystem performs decryption using a key different from the key used for encryption. In this system, two keys, “public key” and “private key”, are used as a pair. On the other hand, the encrypted plaintext can be decrypted only by the paired key. The information transmitting side performs encryption using a “public key” that is disclosed to a third party out of the two key pairs created by the information receiving side, and the receiving side that receives the ciphertext receives its own “ Decrypt it using "secret key". In the public key cryptosystem, a scheme called RSA (Rivest Sharmir Adleman) is standardly used.

  With the public key cryptosystem, the risk at the time of “key delivery”, which was a weak point of the common key cryptosystem described above, is eliminated. However, this public key cryptosystem has a drawback in that it takes time to encrypt and decrypt because the mathematical processing of the algorithm employed is complicated.

  Therefore, a hybrid cryptosystem has been proposed as a technique for interpolating the weak points of the above two schemes, that is, the common key cryptosystem and the public key cryptosystem. Hereinafter, an outline of this method will be described with reference to the drawings.

  As shown in FIG. 8, in the hybrid encryption method, when the plaintext data is encrypted, the transmission side encrypts it with a common key encryption method that is relatively easy to process, and the reception side also uses the common key to encrypt the encrypted text. Is decrypted. When the key, which is a weak point of the common key cryptosystem, is delivered, the common key itself is encrypted with the public key out of the public key and private key pair created by the receiver, and the encrypted common key is encrypted. To the receiver. The receiving side that has received the encrypted common key decrypts the common key using its own secret key, and obtains plaintext data by decrypting the ciphertext using the decrypted common key. In this way, the processing required for encryption and decryption is reduced by using a public key cryptosystem with complicated processing only at the time of key delivery.

  If this hybrid encryption method is used, it is possible to pass the common key to a considerably safe level. Also in this encryption method, plaintext encryption is basically performed by a common key encryption method that is relatively easy to process. In the encryption of the common key cryptosystem, encryption and decryption are performed using the same key by calculating an exclusive OR by Vernam cipher. For example, as shown in FIG. 9 (A), assuming that the plaintext is an all-in-one bit string, if the exclusive OR (XOR) of both is calculated using the sequential encryption key as shown in the plaintext, A sentence is completed. As shown in FIG. 9B, when the exclusive OR is calculated again with respect to this ciphertext using a sequential encryption key that is a correct key, it can be decrypted into the original plaintext. As shown in C), even if an exclusive OR is calculated using a fake key and decryption is attempted, the original plaintext cannot be restored.

  However, since the operation of exclusive OR performed in the encryption and decryption of this common key cryptosystem is a simple and regular repetitive operation, the generated ciphertext is still subject to attacks by eavesdropping. There is a risk of being deciphered.

For this reason, there is disclosed a technique for improving the confidentiality of data by performing encryption using a Latin square and a Latin square as a conversion table instead of performing an exclusive OR operation (for example, Patent Document 1). And 2). According to these techniques, the result of the operation is not always uniquely determined as in the case of exclusive OR, but can be a plurality of natural numbers, and the confidentiality of the ciphertext can be improved.
Japanese Patent Laid-Open No. 10-10971 JP 2000-227753 A

  However, even in the technique disclosed in the above-mentioned patent document, since the process of increasing the confidentiality is not performed on the data itself at the stage before the encryption, a measure for increasing the confidentiality of the encrypted communication. Is not necessarily enough. The encryption methods described in these patent documents are based on the block encryption method, and are not suitable for cases where it is required to avoid processing delay as much as possible, such as in the case of wireless communication.

  Therefore, an object of the present invention made in view of such circumstances is to provide a communication method and a communication system capable of ensuring sufficient secrecy without imposing a burden on processing on both the transmitting side and the receiving side that perform information communication. It is to provide.

The invention of the communication method according to claim 1 that achieves the above object is as follows:
In a communication method of a communication system having a transmission device that encrypts plaintext data with encryption key data and transmits the data, and a reception device that decrypts the ciphertext transmitted from the transmission device with decryption key data to obtain plaintext data.
The transmitter is
Arranging the plaintext data in N dimensions (N is a natural number of 2 or more);
Arranging the encryption key data in the N-dimensional arrangement;
Converting the N-dimensional array of the plaintext data array in a first manner;
Converting the array of the encryption key data arranged in an N-dimensional manner by a second method different from the first method;
Encrypting plaintext data converted by the first method using encryption key data converted by the second method, and generating a ciphertext;
Transmitting the generated ciphertext to the receiving device,
The receiving device is:
Receiving the ciphertext transmitted from the transmitting device;
Arranging the decryption key data in the N-dimensional arrangement;
Transforming the array of the N-dimensionally arranged decryption key data by the second method;
Decrypting the ciphertext using the decryption key data converted by the second method;
Inversely transforming the array of the decrypted data based on the first scheme to obtain the plaintext data;
It is characterized by including.

The invention according to claim 2 is the communication method according to claim 1,
Prior to executing the step of transmitting the generated ciphertext to the receiving device, the transmitting device converts the ciphertext encrypted using the encryption key data converted by the second method into a one-dimensional array. Further comprising the steps of:
The receiving device further includes a step of converting the received ciphertext into the N-dimensional array prior to executing the step of decrypting the ciphertext using the decryption key data converted by the second method. Have
In the step of inversely transforming the decrypted data array based on the first method to obtain the plaintext data, the decrypted data array of the N-dimensional array is converted into a one-dimensional array, The plaintext data is obtained.

The invention according to claim 3 is the communication method according to claim 1 or 2,
The transmitter is
Determining the number of dimensions in the N-dimensional array according to the configuration and / or content of the plaintext data;
The receiving device is:
Grasping the determined number of dimensions, and
The plaintext data, the encryption key data, and the decryption key data are converted according to the determined number of dimensions.

The invention according to claim 4 is the communication method according to any one of claims 1 to 3,
The first method and the second method include transposition processing for transposing data according to a predetermined rule.

Furthermore, the invention of the communication system according to claim 5 that achieves the above object is as follows:
In a communication system having a transmission device that encrypts plaintext data with encryption key data and transmits and a reception device that decrypts the ciphertext transmitted from the transmission device with decryption key data to obtain plaintext data,
The transmitter is
A first N-dimensional arrangement unit that arranges the plaintext data and the encryption key data in N dimensions (N is a natural number of 2 or more);
The array of the plaintext data arranged in N dimensions is converted by a first method, and the array of the encryption key data arranged in N dimensions is converted by a second method different from the first method. A first array conversion unit to
An encryption unit that encrypts plaintext data converted by the first method using encryption key data converted by the second method, and generates a ciphertext;
A transmission unit that transmits the ciphertext generated by the encryption unit to the reception device,
The receiving device is:
A receiver for receiving the ciphertext transmitted from the transmitter;
A second N-dimensional arrangement unit for arranging the decryption key data in the N-dimensional manner;
A second array conversion unit for converting the array of the decryption key data arranged in the N-dimensional manner by the second method;
A decryption unit that decrypts the ciphertext using the decryption key data converted by the second method;
A plaintext restoration unit that reversely transforms the array of the decrypted data based on the first scheme to obtain the plaintext data;
It is characterized by including.

Furthermore, the invention of the communication method according to claim 6 for achieving the above object is as follows:
In a communication method of a communication system having a transmission device that encrypts plaintext data with encryption key data and transmits the data, and a reception device that decrypts the ciphertext transmitted from the transmission device with decryption key data to obtain plaintext data.
The transmitter is
Arranging the plaintext data in N dimensions (N is a natural number of 2 or more);
Arranging the encryption key data in the N-dimensional arrangement;
Converting the N-dimensional array of the plaintext data array;
Encrypting the converted plaintext data using the encryption key data to generate a ciphertext;
Transmitting the generated ciphertext to the receiving device,
The receiving device is:
Receiving the ciphertext transmitted from the transmitting device;
Arranging the decryption key data in the N-dimensional arrangement;
Decrypting the ciphertext using the decryption key data;
Inversely transforming the sequence of the decrypted data to obtain the plaintext data;
It is characterized by including.

The invention of the communication method according to claim 7 is:
In a communication method of a communication system having a transmission device that encrypts plaintext data with encryption key data and transmits the data, and a reception device that decrypts the ciphertext transmitted from the transmission device with decryption key data to obtain plaintext data.
The transmitter is
Arranging the plaintext data in N dimensions (N is a natural number of 2 or more);
Arranging the encryption key data in the N-dimensional arrangement;
Transforming the N-dimensionally arranged array of the encryption key data;
Encrypting the plaintext data using the converted encryption key data to generate a ciphertext;
Transmitting the generated ciphertext to the receiving device,
The receiving device is:
Receiving the ciphertext transmitted from the transmitting device;
Arranging the decryption key data in the N-dimensional arrangement;
Transforming the array of the N-dimensionally arranged decryption key data;
Decrypting the ciphertext using the converted decryption key data;
Inversely transforming the decrypted data array to obtain the plaintext data;
It is characterized by including.

  According to the present invention, plaintext data and encryption key data are arranged in a multidimensional array, and the plaintext data array is shifted after executing a predetermined shift or combination of shifts in at least one of the multidimensional dimensions. The plaintext data is encrypted using the encryption key data shifted in the same way as the plaintext data, so that neither the transmitting side nor the receiving side performing the encrypted communication has a heavy processing load. It is possible to dramatically improve the encryption strength and sufficiently ensure the confidentiality of communication.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings.

  FIG. 1 is a block diagram showing a schematic configuration of main parts of a transmission device 100 and a reception device 200 of a communication system according to an embodiment of the present invention. In the present embodiment, communication is performed by adopting a hybrid encryption method. The transmission apparatus 100 includes an application 11 that supplies plaintext data, an N-dimensional arrangement unit 12 that arranges plaintext data in N dimensions, and N-dimensional data. An array shift unit 13 that performs a predetermined shift process on the arranged plaintext data, an encryption unit 14 that encrypts the plaintext data that has been array-shifted, and a transmission unit 15 that transmits the encrypted ciphertext to the receiving device 200. I have. The transmission device 100 further includes a cryptographic strength determination unit 16 that determines a predetermined cryptographic strength from plain text supplied from the application 11, a public key method key exchange unit 18 that exchanges public key information with the reception device 200, In order to share information common with the receiving apparatus 200, the determination result of the encryption strength determination unit 16 and the public key information of the public key method key exchange unit 18 are stored and output to the transmission unit 15 and the one-way encryption key conversion unit 19. A transmission / reception device common information storage unit 17, a one-way encryption key conversion unit 19 that performs a one-way conversion process on the data that is the basis of the encryption key based on the transmission / reception device common information from the transmission / reception device common information storage unit 17, A key N-dimensional array unit 20 that arranges the encryption key data converted by the encryption key conversion unit 19 in N dimensions, and a predetermined shift in the encryption key data arrayed N-dimensionally by the key N-dimensional array unit 20 Processing a key sequence shift unit 21 for performing, and a.

  In addition, the receiving apparatus 200 illustrated in FIG. 1 receives a public key that exchanges public key information between the receiving unit 211 that receives an encrypted ciphertext from the transmitting apparatus 100 and the transmitting apparatus 100 based on the received ciphertext. Method key exchange unit 212 stores information received in order to share information common with transmitting apparatus 100 and public key information from public key method key exchange unit 212 to store encryption strength determination unit 214 and one-way encryption key conversion The transmission / reception device common information storage unit 213 to be output to the unit 216, the encryption strength determination unit 214 that determines the encryption strength based on the output from the transmission / reception device common information storage unit 213, and the ciphertext received by the reception unit 211 An N-dimensional arrangement unit 215 arranged in N dimensions based on the determination result of the encryption strength in the determination unit 214 and a key base based on the output from the transmission / reception device common information storage unit 213 A one-way encryption key conversion unit 216 that performs one-way conversion processing on the data, a key N-dimensional array unit 217 that arranges the encryption key data converted by the one-way encryption key conversion unit 216 in N dimensions, and a key N-dimensional array A key arrangement shift unit 218 that performs a predetermined shift process on the encryption key data that is N-dimensionally arranged by the unit 217, and a common key that is obtained by shifting the ciphertext that is N-dimensionally arranged by the N-dimensional arrangement unit 215 by the key arrangement shift unit 218. The decryption unit 219 decrypts the decrypted text, the array shift unit 220 that performs a predetermined shift process on the decrypted decrypted text based on the encryption strength determination result in the cipher strength determination unit 214, and converts the decrypted plaintext into the decrypted plaintext. And an application 221 for processing data. The receiving apparatus 200 arranges the ciphertext received from the transmitting apparatus 100 in an N-dimensional arrangement in the N-dimensional arrangement unit 215, but the transmitting apparatus 100 receives the ciphertext that has been arranged in the N-dimensional arrangement in the transmitting unit 15. When transmission is possible, the receiving apparatus 200 does not need to perform N-dimensional arrangement again. In this case, the N-dimensional arrangement unit 215 in the receiving apparatus 200 may not be included in the configuration. In such a configuration, the receiving device 200 only decrypts the encryption key data in an N-dimensional array and performs a shift process, and decrypts the ciphertext transmitted from the transmitting device 100 in the N-dimensional array into plaintext data. can do. In the present embodiment, a case will be described in which the transmission unit 15 in the transmission apparatus 100 transmits the ciphertexts arranged in an N-dimensional array after the one-dimensional arrangement.

  Next, with reference to FIGS. 2 to 4, the N-dimensional arrangement performed by the N-dimensional arrangement unit 12 and the key N-dimensional arrangement unit 20 of the transmission apparatus 100, the arrangement shift unit 13, and the key, which are executed before encryption. An array shift process performed by the array shift unit 21 will be described.

  When calculating the exclusive OR when performing encryption or decryption, if the start position of the bit string of the plaintext data and the bit string of the encryption key are shifted, the encryption is not properly performed. Therefore, in the encryption, the positions of the bit string of the plaintext data and the bit string of the sequential encryption key need to be strictly aligned as shown in FIG. 2, for example. The numbers and symbols shown in FIG. 2 merely represent the positional relationship of the bit strings, and do not represent the bit data itself.

  In this embodiment, the bit string of plaintext data and the bit string of the sequential encryption key, which have been one-dimensional in the past, are first arranged in N dimensions (N is a natural number of 2 or more) at the stage before encryption. Further, by encrypting the data arranged in the N-dimension and further shifting (shifting) the start position of the exclusive OR operation in a different manner from each other, the high encryption strength can be obtained. It is assumed that it has an encryption method. The shift amount is introduced as an encryption parameter and used when decrypting.

  First, the one-dimensional shift will be described. In the one-dimensional shift, as shown in FIG. 3A, the original (pre-shift) bit string is moved by, for example, +8 in the X-axis direction. Note that moving (shifting) the bit string by +8 in the X-axis direction is referred to as [X: +8] for convenience. The bit in the bit string is moved +8 in the X-axis direction, and the bit that protrudes from the original bit length is moved to the starting point of the bit string as it is.

  Such a process is illustrated conceptually as shown in FIG. FIG. 4A illustrates an example in which the bit string shift is [X: +7].

  Next, a two-dimensional case will be described. In the present embodiment, before encryption is performed using plaintext data and encryption key data, a bit string of plaintext data is stored in the N-dimensional array unit 12, and a bit string of encryption key data is stored in the key N-dimensional array unit 20, respectively. Divided into predetermined lengths and arranged in a two-dimensional structure. For example, in an 8-bit × 4-bit two-dimensional structure, the arrangement is as shown in FIG.

  With respect to the two-dimensional bit array as described above, the array shift unit 13 and the key array shift unit 21 shift the bit array. In two dimensions, the shifting direction is two directions of the X-axis direction and the Y-axis direction. There is. For example, assuming that the bit array shift is X: +2, the result is as shown in FIG. When the shift of [Y: -1] is further performed, the result is as shown in FIG.

  An image of such processing is shown in FIG. FIG. 2B shows an example in which [Y: −2] is further shifted after [X: +4] is shifted to the bit string. For such a bit arrangement, the shift can be performed by combining a plurality of times.

  Next, a three-dimensional case will be described. In the three-dimensional case, the N-dimensional array unit 12 and the key N-dimensional array unit 20 divide bit strings of plaintext data and encryption key data into predetermined lengths, respectively, For example, a cube of bits as shown in FIG. 2C is generated by superimposing in the axial direction. In the example shown at the left end of FIG. 2C, it is a cube of 12 bits × 8 bits × 6 bits. In the case of the three-dimensional case, there are three directions for shifting, the X-axis direction, the Y-axis direction and the Z-axis direction. In the example shown in FIG. 2C, first [X: +3] is performed, then [Z: +1] is performed, and [Y: -2] is further performed.

  The above processing can illustrate the concept up to three dimensions, but can be easily expanded to four or more dimensions (N is a natural number) in terms of calculation.

  By performing such an operation, the N-dimensional array unit 12 and the key N-dimensional array unit 20 of the transmission device 100 can arbitrarily set the number N of bits to be arranged and the number of bits in each dimension when arranging the bits. Can be arranged. Further, the array shift unit 13 and the key array shift unit 21 shift the above-described shift process by an arbitrary number of times (shift amount) in an arbitrary order in an arbitrary direction in N dimensions. It is possible. In FIGS. 3 and 4, in each of the bit strings arranged in the direction of one dimension in two or more dimensions, the shift processing of the same shift amount is performed on all the bit strings. It is also possible to perform shift processing with different shift amounts for each bit string. For example, in FIG. 4B, when shifting in the X direction, the uppermost bit string is [X: +3], the next bit string is [X: -2], and the next bit string is [X: 0. , And so on.

  Each of the N-dimensional array unit 12 and the array shift unit 13 performs the above-described N-dimensional array and array shift of the bit string on the plaintext data, and similarly, the key N-dimensional array unit 20 and the key array shift unit 21 respectively N-dimensional array and array shift are performed on the encryption key data. When executing the N-dimensional arrangement of the plaintext data and the encryption key data, the N-dimensional arrangement unit 12 and the key N-dimensional arrangement unit 20 use both the plaintext data and the encryption key data for the number N of bits to be arranged and each The number of bits in the dimension direction is made uniform so that there is a corresponding bit when calculating an exclusive OR in performing encryption and decryption. On the other hand, when the arrangement shift unit 13 and the key arrangement shift unit 21 execute the arrangement shift of the plaintext data and the encryption key data, it is naturally possible to execute the same arrangement shift for both the plaintext data and the encryption key data. However, by executing different arrangement shifts that are not related to the plaintext data and the encryption key data, the arrangement of the data can be remarkably scattered before the encryption of both.

  Hereinafter, with reference to the conceptual diagram of FIG. 5, a data flow in the encryption processing of the transmission apparatus 100 according to the embodiment of the present invention will be described.

  The flow from the top to the bottom of FIG. 5 represents the flow of encryption key data. As a premise for performing the encryption process, a one-way encryption key conversion process is performed on the common key data and the common parameters shown in the upper part of the figure using a hash function or the like, thereby sequentially generating encryption keys. Here, this sequential encryption key can be considered as a “common key”. Information related to such a common key is supplied by the transmission / reception device common information storage unit 17 and converted into a common key by the one-way encryption key conversion unit 19 performing conversion processing.

  The flow from left to right in FIG. 5 represents the flow of data when plaintext data is encrypted into ciphertext. First, the application 11 of the transmission apparatus 100 supplies plaintext data to be encrypted to the N-dimensional arrangement unit 12 and the encryption strength determination unit 16. The encryption strength determination unit 16 determines the strength for encrypting the plaintext according to a predetermined condition from the configuration and / or content of the plaintext data, and based on this, the plaintext array information is sent to the N-dimensional array unit 12 and the array shift unit 13. Supply. The transmission / reception device common information storage unit 17 stores the plaintext arrangement information and transmits it to the reception device 200 via the transmission unit 15 so as to be shared with the transmission / reception device common information storage unit 213. Specifically, the plaintext array information includes the number N of bits arranged in the N-dimensional array unit 12 and the number of bits in each dimension direction, the N-dimensional direction in which the array shift unit 13 shifts the bit string, and the shift direction. Information such as the order, shift amount, and number of shifts.

  Next, the N-dimensional arrangement unit 12 arranges plaintext data in N dimensions based on the number N of bits to be arranged and the number of bits in each dimension included in the plaintext arrangement information. Thereafter, the array shift unit 13 arranges the plaintext data arrayed in N dimensions based on the N-dimensional direction in which the array shift unit 13 shifts, the order of the shift direction, the shift amount, and the number of shifts included in the plaintext array information. Shift.

  In order to further disperse the array of data before encryption, based on the plaintext transposition information from the encryption strength determination unit 16, transposition that transposes one or more bits according to a predetermined rule for each bit in the N-dimensional array Processing can also be included. This process can be executed before or after the process in which the array shift unit 13 shifts the bit array. Since this transposition process can be performed in accordance with the same procedure as the known transposition process from the conventional encryption method, detailed description thereof is omitted here.

  On the other hand, for the encryption key used for encryption, the key N-dimensional array unit 20 uses the above-described “common key” according to key array information having the same configuration as the above-described plaintext array information supplied by the encryption strength determination unit 16. The encryption key data is arranged in N dimensions based on the same number of dimensions N applied to the plaintext data and the number of bits in each dimension direction. Next, based on the key arrangement information, the key arrangement shift unit 21 outputs at least one of the N-dimensional direction, the shift direction order, the shift amount, and the number of shifts of the N-dimensionally arranged common keys in plaintext. Shift differently from the data array shift. Further, before or after the common key array shifting process, one or more bits are transposed according to a predetermined rule for the bit string in each dimension arranged in N dimensions based on the key transposition information from the cryptographic strength determination unit 16. It is possible to include a transposition process to be performed in the same manner as described above.

  In this way, the plaintext N-dimensionally arranged and further array-shifted (and transposed) is encrypted, and the common key is N-dimensionally arranged and the array-shifted (and transposed) different from plaintext is encrypted. The unit 14 performs encryption. Specifically, since this encryption is performed by a conventional exclusive OR operation, the processing is simple and can be performed at high speed.

  Since the encrypted ciphertext has an N-dimensional array structure, the transmission unit 15 converts the encrypted ciphertext into a one-dimensional array and transmits it to the reception device 200 as a ciphertext.

  The plaintext arrangement information, the plaintext transposition information, the key arrangement information, and the key transposition information generated based on the cipher strength determined by the encryption strength determination unit 16 are encrypted by the encryption unit 14. Is encrypted together with the public key acquired from the receiving apparatus 200 together with the common key used for the transmission, and transmitted to the receiving apparatus 200 via the transmitting unit 15. The information and the common key transmitted in this way are received by the reception unit 211 of the reception device 200, decrypted with the private key paired with the public key of the reception device 200, and the transmission / reception device common information The storage unit 213 stores the information.

  Furthermore, in the above-described series of encryption processes, N-dimensional arraying is performed before plaintext data before array shift processing, and N-dimensional arraying is performed prior to key array shift processing for common keys. However, the order of processing of the plaintext data and the processing of the common key may be performed first or simultaneously depending on the configuration of the receiving apparatus 100.

  Hereinafter, with reference to the conceptual diagram of FIG. 6, a data flow in the decoding processing of the transmission apparatus 200 according to the embodiment of the present invention will be described.

  The flow from the top to the bottom in FIG. 6 represents the flow of the encryption key data. As a premise for performing the encryption process, a one-way encryption key conversion process is performed on the common key data and the common parameters shown in the upper part of the figure using a hash function or the like, thereby sequentially generating encryption keys. Here, this sequential encryption key can be considered as a “common key”. Information related to such a common key can be supplied by the transmission / reception device common information storage unit 213 and converted into a common key by the one-way encryption key conversion unit 216, but in the hybrid method, The common key itself is encrypted by the transmitting apparatus 100 with the public key paired with the private key of the receiving apparatus 200, and is received by the receiving apparatus 200 and decrypted with the private key.

  The flow from the left to the right in FIG. 6 represents the data flow when the ciphertext is decrypted to become plaintext data. First, the receiving unit 211 of the receiving device 200 that has received the ciphertext from the transmitting device 100 supplies the ciphertext to be decrypted to the N-dimensional array unit 215.

  Further, the reception unit 211 receives the encrypted plaintext arrangement information, plaintext transposition information, key arrangement information, key transposition information, and the like from the transmission apparatus 100 together with the encrypted common key, and performs public key system key exchange. To the unit 212 and the transmission / reception device common information storage unit 213. The transmission / reception device common information storage unit 213 decrypts the encrypted plaintext arrangement information, plaintext transposition information, key arrangement information, and key transposition information, and the common key using the private key of the reception apparatus 200 to obtain plaintext arrangement information. The plaintext transposition information, key arrangement information, and key transposition information are supplied to the encryption strength determination unit 214, and the common key is supplied to the one-way encryption key conversion unit 216. The cryptographic strength determination unit 214 supplies the plaintext arrangement information to the N-dimensional arrangement unit 215 and the arrangement shift unit 220, and further supplies the key arrangement information to the key N-dimensional arrangement unit 217 and the key arrangement shift unit 218. In addition, the one-way encryption key conversion unit 216 supplies the common key to the key N-dimensional array unit 217, and the key N-dimensional array unit 217 arranges the common key of the one-dimensional array in N dimensions based on the key array information. Further, the key arrangement shift unit 218 shifts the data array of the common key arranged in N dimensions based on the key arrangement information, and supplies it to the decryption unit 219.

  On the other hand, the N-dimensional arrangement unit 215 arranges the ciphertext received from the reception unit 211 in N dimensions based on the plaintext arrangement information from the cipher strength determination unit 214 and supplies this to the decryption unit 219. The decryption unit 219 performs decryption by calculating an exclusive OR of the ciphertext arranged in the N-dimensional array by the N-dimensional array unit 215 and the common key data in the N-dimensional array shifted by the key array shift unit 218, Is supplied to the array shift unit 220. The array shift unit 220 shifts the decrypted data array based on the plaintext array information. The data shifted in this way becomes plain text data. However, since it is still an N-dimensional array, plain text data arranged in one dimension is supplied to the application 221 and a series of decryption processing ends.

  If the plaintext data and / or the common key are encrypted after performing the above-described transposition process, the transposition process is returned based on the key transposition information for the common key before or after the key array shift, and the plaintext data After decrypting the ciphertext, before or after the array shift, the transposition processing is returned based on the plaintext transposition information.

  If the encryption and decryption processes are performed as described above, the encryption strength can be remarkably increased only by adding a few processing steps to the conventional hybrid encryption system. Since this method hardly increases the processing burden, it is advantageous when transmitting / receiving large amounts of data using multicarrier communication such as WiMAX (Worldwide Interoperability for Microwave Access). . Furthermore, in the encrypted communication according to the present embodiment, the number of dimensions of the N-dimensional array, the dimension for shifting the array shift, the order, the shift amount, the number of shifts, and the like can be set according to the contents of the plaintext data. Therefore, it is possible to adjust the encryption strength as desired according to the degree to which confidentiality is required.

  In addition, this invention is not limited only to embodiment mentioned above, Many change or deformation | transformation is possible. For example, in the present embodiment, the transmission device 100 and the reception device 200 perform wireless communication, but the present invention can also be applied when performing wired communication. In the above-described embodiment, the array shift process is performed for both plaintext data and the common key at the time of encryption. However, depending on the required encryption strength, only the plaintext data or the common key is processed. An array shift process can also be performed.

  Furthermore, since the present invention is intended to dramatically increase the cryptographic strength by adding a few processing steps to the common key cryptosystem, it is not limited to the hybrid cryptosystem as in the above-described embodiment. It is also possible to apply to other encryption methods based on the common key encryption method.

It is a block diagram which shows schematic structure of the principal part of the transmitter of this Embodiment, and a receiver. It is a figure explaining the positional relationship between plaintext data and key data. It is a figure explaining the arrangement | sequence shift of this Embodiment. It is a conceptual diagram explaining the N-dimensional array process which the N-dimensional array part of this Embodiment performs, and the shift process of the array which an array shift part performs. It is a conceptual diagram explaining the flow of an encryption process of a transmitter. It is a conceptual diagram explaining the flow of a decoding process of a receiver. It is a conceptual diagram explaining the conventional common key encryption system. It is a conceptual diagram explaining the conventional hybrid encryption system. It is a figure explaining the arithmetic processing of the exclusive OR of the common key encryption system by a Burnham encryption.

Explanation of symbols

DESCRIPTION OF SYMBOLS 11 Application 12 N-dimensional arrangement | sequence part 13 Array shift part 14 Encryption part 15 Transmission part 16 Encryption strength determination part 17 Transmission / reception apparatus common information storage part 18 Public key system key exchange part 19 One-way encryption key conversion part 20 Key N-dimensional arrangement part DESCRIPTION OF SYMBOLS 21 Key arrangement | sequence shift part 100 Transmission apparatus 200 Reception apparatus 211 Reception part 212 Public key system key exchange part 213 Transmission / reception apparatus common information storage part 214 Encryption strength determination part 215 N-dimensional arrangement | sequence part 216 One-way encryption key conversion part 217 Key N-dimensional arrangement | sequence Unit 218 key arrangement shift unit 219 decryption unit 220 arrangement shift unit 221 application

Claims (7)

In a communication method of a communication system having a transmission device that encrypts plaintext data with encryption key data and transmits the data, and a reception device that decrypts the ciphertext transmitted from the transmission device with decryption key data to obtain plaintext data.
The transmitter is
Arranging the plaintext data in N dimensions (N is a natural number of 2 or more);
Arranging the encryption key data in the N-dimensional arrangement;
Converting the N-dimensional array of the plaintext data array in a first manner;
Converting the array of the encryption key data arranged in an N-dimensional manner by a second method different from the first method;
Encrypting plaintext data converted by the first method using encryption key data converted by the second method, and generating a ciphertext;
Transmitting the generated ciphertext to the receiving device,
The receiving device is:
Receiving the ciphertext transmitted from the transmitting device;
Arranging the decryption key data in the N-dimensional arrangement;
Transforming the array of the N-dimensionally arranged decryption key data by the second method;
Decrypting the ciphertext using the decryption key data converted by the second method;
Inversely transforming the array of the decrypted data based on the first scheme to obtain the plaintext data;
A communication method comprising: Prior to executing the step of transmitting the generated ciphertext to the receiving device, the transmitting device converts the ciphertext encrypted using the encryption key data converted by the second method into a one-dimensional array. Further comprising the steps of:
The receiving device further includes a step of converting the received ciphertext into the N-dimensional array prior to executing the step of decrypting the ciphertext using the decryption key data converted by the second method. Have
In the step of inversely transforming the decrypted data array based on the first method to obtain the plaintext data, the decrypted data array of the N-dimensional array is converted into a one-dimensional array, The communication method according to claim 1, wherein the plaintext data is obtained. The transmitter is
Determining the number of dimensions in the N-dimensional array according to the configuration and / or content of the plaintext data;
The receiving device is:
Grasping the determined number of dimensions, and
The communication method according to claim 1 or 2, wherein the plaintext data, the encryption key data, and the decryption key data are converted according to the determined number of dimensions.   4. The communication method according to claim 1, wherein the first method and the second method include transposition processing for transposing data according to a predetermined rule. 5. In a communication system having a transmission device that encrypts plaintext data with encryption key data and transmits and a reception device that decrypts the ciphertext transmitted from the transmission device with decryption key data to obtain plaintext data,
The transmitter is
A first N-dimensional arrangement unit that arranges the plaintext data and the encryption key data in N dimensions (N is a natural number of 2 or more);
The array of the plaintext data arranged in N dimensions is converted by a first method, and the array of the encryption key data arranged in N dimensions is converted by a second method different from the first method. A first array conversion unit to
An encryption unit that encrypts plaintext data converted by the first method using encryption key data converted by the second method, and generates a ciphertext;
A transmission unit that transmits the ciphertext generated by the encryption unit to the reception device,
The receiving device is:
A receiver for receiving the ciphertext transmitted from the transmitter;
A second N-dimensional arrangement unit for arranging the decryption key data in the N-dimensional manner;
A second array conversion unit for converting the array of the decryption key data arranged in the N-dimensional manner by the second method;
A decryption unit that decrypts the ciphertext using the decryption key data converted by the second method;
A plaintext restoration unit that reversely transforms the array of the decrypted data based on the first scheme to obtain the plaintext data;
A communication system comprising: In a communication method of a communication system having a transmission device that encrypts plaintext data with encryption key data and transmits the data, and a reception device that decrypts the ciphertext transmitted from the transmission device with decryption key data to obtain plaintext data.
The transmitter is
Arranging the plaintext data in N dimensions (N is a natural number of 2 or more);
Arranging the encryption key data in the N-dimensional arrangement;
Converting the N-dimensional array of the plaintext data array;
Encrypting the converted plaintext data using the encryption key data to generate a ciphertext;
Transmitting the generated ciphertext to the receiving device,
The receiving device is:
Receiving the ciphertext transmitted from the transmitting device;
Arranging the decryption key data in the N-dimensional arrangement;
Decrypting the ciphertext using the decryption key data;
Inversely transforming the decrypted data array to obtain the plaintext data;
A communication method comprising: In a communication method of a communication system having a transmission device that encrypts plaintext data with encryption key data and transmits the data, and a reception device that decrypts the ciphertext transmitted from the transmission device with decryption key data to obtain plaintext data.
The transmitter is
Arranging the plaintext data in N dimensions (N is a natural number of 2 or more);
Arranging the encryption key data in the N-dimensional arrangement;
Converting the N-dimensionally arranged array of the encryption key data;
Encrypting the plaintext data using the converted encryption key data to generate a ciphertext;
Transmitting the generated ciphertext to the receiving device,
The receiving device is:
Receiving the ciphertext transmitted from the transmitting device;
Arranging the decryption key data in the N-dimensional arrangement;
Transforming the array of the N-dimensionally arranged decryption key data;
Decrypting the ciphertext using the converted decryption key data;
Inversely transforming the decrypted data array to obtain the plaintext data;
A communication method comprising:

Images