JP5251366B2 - Common key generation terminal, key sharing system, and common key generation method - Google Patents

Description

  The present invention relates to a terminal for generating a common key used when encrypting information using common key cryptography, a method thereof, and a system for sharing a common key.

  Conventionally, “To provide a key sharing system capable of securely sharing key information among a plurality of devices. "In the key sharing system 1 composed of the authentication management device 20 and a plurality of wireless terminal devices 10, the authentication management device 20 periodically generates key generation source information to generate each wireless terminal device. Call 10 Each wireless terminal device 10 triggers detection of a first external input directly given to the wireless terminal device 10 while receiving key generation source information periodically transmitted from the authentication management device 20. As described above, one or more pieces of key generation source information are selected and held from the received key generation source information. Each wireless terminal device 10 generates key information based on the held one or more key generation source information, and shares this key information with the authentication management device 20. Thereby, since the wiretapping device cannot detect the first external input directly given to the wireless terminal device 10 and the authentication management device 20, the key information can be safely shared between the devices. Is proposed (Patent Document 1).

  In addition, “In a wireless LAN system, communication of connection information between a terminal and an access point is performed by unencrypted wireless communication, so even if the wireless output is reduced, a third party wirelessly uses a high-sensitivity antenna. If the communication is wiretapped, the connection setting value is easily leaked. For this reason, the security of the wireless LAN may not be ensured. As a technology that has the problem of "the wireless network connection setting value to increase the confidentiality of the wireless network connection setting value, the wireless connection information setting method of the wireless system comprising the wireless base station and the wireless terminal, And a step of sending a signal to a user of the wireless terminal when the wireless base station is in a standby state, and a response to the signal. Thus, the method includes a step of setting the public key encryption of the wireless terminal from the user's wireless terminal to the wireless base station, and a step of encrypting the wireless connection information using the public key encryption and sending the wireless connection information to the wireless terminal. Is proposed (Patent Document 2).

JP 2007-88629 A (summary) JP 2007-189565 A (summary)

  In the technique described in Patent Document 1, user operations are simultaneously performed between two terminals that want to share a key, and key generation source information received immediately after that is shared as secret information. This user operation is assumed to occur at the exact same time.

However, as a user operation, for example, when considering a case where buttons respectively attached to two devices are simultaneously pressed, it is conceivable that the user's hand is out of order and the buttons cannot be pressed simultaneously because of manual operation.
In this case, since a time lag occurs in the user operation, the key generation source information received immediately after the user operation is different between the two terminals, and the sharable key generation source information may not be uniquely determined. As a result, a common key cannot be generated between the two terminals.

  In particular, when key generation source information is frequently distributed so that eavesdropping from a third party is difficult, a plurality of key generation source information is distributed to each terminal during the above time lag. Thus, it is considered that there is a high possibility that each terminal cannot uniquely determine sharable key generation source information.

In the technique described in Patent Document 2, the wireless base station encrypts a message using the public key received from the wireless terminal, and securely transmits the message to the wireless terminal.
However, since the key information itself is transmitted by a radio signal, a third party can easily eavesdrop on the key information, and is not suitable for common key encryption. Therefore, in the above-mentioned Patent Document 2, the public key is wirelessly distributed on the premise of the asymmetric encryption method.

  In view of the above background, a common key generation method capable of securely and securely sharing a common key has been desired.

  A common key generation terminal according to the present invention is a terminal that generates a common key used for common key encryption, a key generation source acquisition unit that acquires a plurality of key generation source information that is a basis for generating the common key, and an operation An operation unit that receives an input; and a recording unit that records the key generation source information acquired by the key generation source acquisition unit within a predetermined time width based on a time point when the operation unit receives a predetermined operation input. Verify whether at least one of the receiving unit that receives information transmitted by other terminals and the key generation source information recorded by the recording unit matches the information received by the receiving unit. Generated by the transmission information generation unit, the transmission information generation unit that generates information to be transmitted to the other terminal using at least one of the key generation source information recorded by the recording unit, and the transmission information generation unit Send information to the other terminal The transmission information generation unit using the transmission unit, the information verified by the reception information verification unit when it matches the key generation source information recorded in the recording unit, and the key generation source information recorded in the recording unit And a common key generation unit that generates the common key based on the information generated by.

According to the common key generation terminal according to the present invention, the key generation source information acquired within a predetermined time width based on the time point when the operation unit receives the predetermined operation input is recorded.
Therefore, even when there is a time lag between terminals with respect to the timing of operation input, the time lag within the predetermined time width can be absorbed, so that a sharable common key can be generated reliably.

  Further, since the common key itself is not distributed, but key generation source information that is a base for generating the common key is shared, each terminal can safely generate the common key.

Embodiment 1 FIG.
FIG. 1 is a configuration diagram of a key sharing system according to Embodiment 1 of the present invention.
The key sharing system according to the first embodiment includes wireless nodes 100a and 100b and a key generation source information distribution apparatus 200.

  The wireless nodes 100a and 100b exist at positions where the key generation source information distributed by the key generation source information distribution apparatus 200 can be received. Further, the wireless nodes 100a and 100b exist at positions where they can communicate with each other.

The key generation source information distribution device 200 distributes key generation source information.
The key generation source information is information that is a basis for generating a common key. For example, a pseudo random number seed or a random number itself corresponds to this.

  The wireless nodes 100a and 100b are communication terminals that perform wireless communication. The wireless nodes 100a and 100b generate a sharable common key based on the key generation source information by using the method described with reference to FIGS.

  Since the wireless nodes 100a and 100b have the same configuration, hereinafter, they are collectively referred to as the wireless node 100, and the alphabetic suffixes are omitted. The same applies to the components included in each wireless node.

FIG. 2 is an external view of the wireless node 100.
An indicator lamp 105 and a switch 110 are provided outside the casing of the wireless node 100. Further, the wireless node 100 includes a wireless antenna 104 for communicating with other nodes.
The user operates the switch 110 to give an instruction to the wireless node 100 or notify an external event.
An external event refers to an external event detected by a sensor or the like installed outside the wireless node. For example, a change in the value of a vibration sensor externally connected to the wireless node may be notified to the wireless node as an external event. In this case, it is assumed that the common key is updated (reset or refreshed) according to the change in the value of the vibration sensor.
The indicator lamp 105 includes display means such as an LED (Light Emitting Diode) and plays a role of notifying the internal state of the wireless node 100 to the outside by lighting. For example, the process progress in the wireless node such as successful challenge response or successful generation of a common key is shown. As a result, the user can visually check the internal processing.

FIG. 3 is an external view of the key generation source information distribution apparatus 200.
The key generation source information distribution apparatus 200 includes a wireless antenna 204 for wireless communication.
When the power is turned on, the key generation source information distribution apparatus 200 has a role of wirelessly distributing key generation source information composed of random numbers, time information, and the like at predetermined time intervals. Therefore, unlike the wireless node 100, a switch and an indicator lamp are not necessarily required.
In the present invention, the key generation source information is represented as ran (n). n is the serial number of the key generation source information.

FIG. 4 is a functional block diagram of radio node 100 according to the first embodiment.
The wireless node 100 includes a switch 110, a key generation source information recording unit 111, a temporary recording memory 112, a recording table 113, a common secret information storage unit 114, a window time timer 115, a response generation unit 116, a challenge verification unit 117, and a challenge generation unit. 118, a window time setting unit 120, a transmission unit 130, and a reception unit 131.
The wireless node 100 also includes a common key generation unit (not shown) that generates a common key using the secret information stored in the common secret information storage unit 114.

  The switch 110 is connected to the key generation source information recording unit 111, the temporary recording memory 112, and the window time timer 115.

The key generation source information recording unit 111 records only the key generation source information ran (n) received by the reception unit 131 that is immediately after the user presses the switch 110. Details will be described later with reference to FIG.
The key generation source information recording unit 111 is connected to the common secret information storage unit 114 and the response generation unit 116.

The temporary recording memory 112 regularly receives and records the key generation source information ran (n) received by the receiving unit 131 from the receiving unit 131. The time for recording ran (n) is, for example, the key generation source information received from the window time tw before the user operation t1 described later with reference to FIG. 5 and at least the window time tw after the user operation t1. And so on.
When the switch 110 is pressed, the key generation source information ran (n) recorded within the window time tw before and after the pressing time (that is, within the width of time 2tw) is moved to the recording table 113. . Details will be described later with reference to FIG.

  The recording table 113 is connected to the challenge verification unit 117.

The common secret information storage unit 114 stores secret information shared by the wireless nodes 100a and 100b.
In the first embodiment, the key generation source information ran (n) recorded in the key generation source information recording unit 111 and the key generation source information verified by the challenge verification unit 117 are transmitted by the wireless nodes 100a and 100b. Confidential information to be shared. The sharing method will be described again with reference to FIGS.

  The window time timer 115 notifies the challenge generation unit 118 to that effect when at least the window time tw has elapsed after the switch 110 is pressed.

The response generation unit 116 generates response information using the challenge information received by the reception unit 131 and the key generation source information ran (n) recorded in the key generation source information recording unit 111. The challenge information and response information will be described again in FIG.
The response generation unit 116 transmits the generated response information to the challenge information transmission source terminal via the transmission unit 130.

  The challenge verifying unit 117 verifies whether or not key generation source information that matches the response information received by the receiving unit 131 exists in the recording table 113. The identified key generation source information is stored in the common secret information storage unit 114.

  The challenge generation unit 118 generates arbitrary challenge information composed of random numbers, for example, and transmits it via the transmission unit 130.

  The window time setting unit 120 includes an interface for the user to input and set the value of the window time tw.

  The transmission unit 130 generates a packet with a transmission address, a reception address, and a code number added to each signal output from the response generation unit 116 and the challenge generation unit 118, and transmits the packet to another wireless node. The packet format will be described again with reference to FIGS.

The receiving unit 131 receives the key generation source information ran (n) distributed by the key generation source information distribution apparatus 200 and stores it in the temporary recording memory 112.
Further, after inspecting the transmission address, reception address, and code number of the packet received from another wireless node 100, the key generation source information recording unit 111, the temporary recording memory 112, the response generation unit 116, and the challenge verification unit 117 Outputs signals received by each unit.

  The window time timer 115, the response generation unit 116, the challenge verification unit 117, the challenge generation unit 118, the window time setting unit 120, and the common key generation unit may be configured by hardware such as a circuit device that realizes these functions. It can also be configured by a computing device such as a microcomputer or CPU (Central Processing Unit) and a circuit device that defines its operation.

  The key generation source information recording unit 111, the temporary recording memory 112, the recording table 113, and the common secret information storage unit 114 can be configured by storage means such as a memory device. These can also be constituted by a common storage means.

  The transmission unit 130 and the reception unit 131 appropriately include an interface for performing wireless communication, a signal processing unit, and the like.

The “key generation source acquisition unit” in the first embodiment corresponds to the reception unit 131.
The “reception information verification unit” corresponds to the challenge verification unit 117.
The “transmission information generation unit” corresponds to the response generation unit 116 and the challenge generation unit 118.

The configuration of the key sharing system and radio node 100 according to Embodiment 1 has been described above.
Next, a procedure for sharing a common key between the wireless nodes 100a and 100b will be described.

  When the common key is shared between the wireless nodes 100a and 100b, the following two matters are agreed in advance.

<Pre-order 1>
It is assumed that the user presses the switch 110b of the wireless node 100a and then presses the switch 110b of the wireless node 100b.
<Pre-order 2>
The time difference when the user presses the switch 110 between the wireless nodes 100a and 100b is assumed to be within the window time tw.

  FIG. 5 is a sequence diagram showing a process in which the wireless nodes 100a and 100b share a common key. Hereinafter, each step of FIG. 5 will be described.

(S501): Recording start It is assumed that the key generation source information distribution device 200 distributes the key generation source information ran (n) before the time when the wireless nodes 100a and 100b start to operate.
The receiving unit 131a of the wireless node 100a receives the key generation source information ran (n) and starts an operation of recording it in the temporary recording memory 112a (time t0).

(S502): User operation The user presses the switch 110a of the wireless node 100a (time t1). Here, it is assumed that the switch 110a is pressed between ran (09) and ran (10).
At this time, up to the key generation source information ran (09) is recorded in the temporary recording memory 112a.
The key generation source information recording unit 111a records the key generation source information received by the reception unit 131a immediately after the user presses the switch 110a. In the example of FIG. 5, ran (10) is recorded in the key generation source information recording unit 111a.
This ran (10) is treated as secret information held by the wireless node 100a in the subsequent processing.

(S503): User operation The user presses the switch 110b of the wireless node 100b after the switch 110a of the wireless node 100a is pressed until the window time tw elapses (time t2). Here, it is assumed that the switch 110b is pressed between ran (11) and ran (12).
At this time, up to the key generation source information ran (11) is recorded in the temporary recording memory 112b.
The key generation source information recording unit 111b records the key generation source information received by the reception unit 131b immediately after the user presses the switch 110b. In the example of FIG. 5, ran (12) is recorded in the key generation source information recording unit 111b.
This ran (12) is handled as secret information held by the wireless node 100b in the subsequent processing.

(S504): Timer check The window time timer 115 of each wireless node checks whether the window time tw has elapsed from the user operations in steps S502 and S503.

(S505): Key generation source information transition After the window time tw has elapsed from time t1 (time t3), the temporary recording memory 112a records the key generation source recorded within the window time tw before and after time t1 when the user pressed the switch 110a. The information ran (n) is transferred to the recording table 113a.
In the example of FIG. 5, ran (07) to ran (12) correspond. The contents of the recording table 113a at this time are shown again in FIG.

(S506): Key generation source information transfer After the window time tw has elapsed from time t2 (time t4), the temporary recording memory 112b records the key generation source recorded within the window time tw before and after time t2 when the user pressed the switch 110b. The information ran (n) is transferred to the recording table 113b.
In the example of FIG. 5, ran (09) to ran (14) correspond. The contents of the recording table 113b at this time will be shown again in FIG.

(S507): Challenge transmission The wireless node 100a stands by until at least the window time tw elapses from the time t3.
Next, the challenge generation unit 118a broadcasts arbitrary challenge information chl_1 via the transmission unit 130a.
The broadcast is performed because the wireless node 100a may not know the existence of the wireless node 100b. In other words, the challenge information chl_1 is intended to be distributed to all wireless nodes that desire common secret information. The packet format at this time will be described again with reference to FIG.

(S508): Response transmission When the reception unit 131b of the wireless node 100b receives the challenge information chl_1, the response generation unit 116b generates response information rsp_1 and transmits the response information rsp_1 to the wireless node 100a via the transmission unit 130b.
The response generation unit 116b applies the received challenge information chl_1 and the key generation source information ran (12) recorded in the key generation source information recording unit 111b of the wireless node 100b to the prescribed arithmetic expression F to obtain the following formula: Response information rsp_1 is generated as follows.
rsp_1 = F (chl_1, ran (12))
The packet format at this time will be described again with reference to FIG.
The wireless node 100b records the number of the wireless node 100a included in the challenge information packet in an appropriate memory or the like.

(S509): Response verification When the reception unit 131a of the wireless node 100a receives the response information rsp_1, the challenge verification unit 117a records the key generation source information ran (n) matching the response information rsp_1 in the recording table 113a. It is verified whether it is done.
Specifically, the values of F (chl_1, ran (07)) to F (chl_1, ran (12)) are calculated using the same arithmetic expression F as the prescribed arithmetic expression described in step S508, and rsp_1 Search for a match.
Here, since F (chl_1, ran (12)) matches rsp_1, the numbers of ran (12) and the radio node 100b are temporarily recorded in an appropriate memory or the like.
If the key generation source information ran (n) that matches the response information rsp_1 is not recorded in the recording table 113a by the above calculation, the wireless nodes 100a and 100b can share the secret information. The subsequent processing is interrupted.
By this step, the key generation source information ran (12) recorded as the secret information by the wireless node 100b in step S503 is shared between the wireless node 100a and the wireless node 100b.

(S510): Challenge transmission The wireless node 100b stands by until at least the window time tw elapses from the time t4.
Next, the challenge generation unit 118b broadcasts arbitrary challenge information chl_2 via the transmission unit 130b.
The purpose of this step is the same as that of step S507.

(S511): Response transmission When the reception unit 131a of the wireless node 100a receives the challenge information chl_2, the response generation unit 116a generates response information rsp_2 and transmits the response information rsp_2 to the wireless node 100b via the transmission unit 130a.
The response generation unit 116a applies the received challenge information chl_2 and the key generation source information ran (10) recorded in the key generation source information recording unit 111a of the wireless node 100a to the prescribed arithmetic expression F, Response information rsp_2 is generated as follows.
rsp_2 = F (chl_2, ran (10))
The wireless node 100a records the number of the wireless node 100b included in the challenge information packet in an appropriate memory or the like.

(S512): Response verification When the reception unit 131b of the wireless node 100b receives the response information rsp_2, the challenge verification unit 117b records the key generation source information ran (n) that matches the response information rsp_2 in the recording table 113b. It is verified whether it is done.
Specifically, the values of F (chl_2, ran (09)) to F (chl_2, ran (14)) are calculated using the same arithmetic expression F as the prescribed arithmetic expression described in step S508, and rsp_2 Search for a match.
Here, since F (chl_2, ran (10)) matches rsp_2, ran (10) and the number of the wireless node 100a are temporarily recorded in an appropriate memory or the like.
If the key generation source information ran (n) that matches the response information rsp_2 is not recorded in the recording table 113b by the above-described calculation, the wireless nodes 100a and 100b can share the secret information. The subsequent processing is interrupted.
By this step, the key generation source information ran (10) recorded as the secret information by the wireless node 100a in step S502 is shared between the wireless node 100a and the wireless node 100b.

(S513): Node number match confirmation The challenge verifying units 117 of the wireless nodes 100a and 100b confirm whether or not the counterpart node numbers extracted from the packets match each other at the time of challenge information reception and response verification.
If a match can be confirmed, the process proceeds to step S514. If a match is not confirmed, it is assumed that the wireless nodes 100a and 100b cannot share the secret information, and the subsequent processing is interrupted.

(S514): Sharing secret information Through the above steps, the wireless nodes 100a and 100b share the node numbers of each other.
Further, the wireless node 100a specifies key generation source information ran (12) held as secret information by the wireless node 100b, and the wireless node 100b uses key generation source information ran (10) held by the wireless node 100a as secret information. It will be identified.
Accordingly, the wireless nodes 100a and 100b share the mutual node number, key generation source information ran (10), and key generation source information ran (12).
These are stored in the common secret information storage unit 114 as secret information shared between the wireless nodes 100a and 100b. Thereafter, the common key generation unit of each wireless node generates a common key using this secret information.
As a result, a common key is generated using the shared secret information, so that each terminal can generate the same common key, and the common key itself can be securely shared between nodes without wireless transmission. It can be done.

  The process in which the wireless nodes 100a and 100b share the common key has been described with reference to the sequence diagram of FIG.

FIG. 6 is a diagram illustrating the sequence diagram of FIG. 5 as an operation flow of each wireless node.
In order to show the correspondence between the two figures, the same step number is assigned to the same process. When the steps of FIG. 5 are represented by a plurality of steps in FIG.
The contents of the processing flow in FIG. 6 are the same as the steps in FIG.

  FIG. 7 is a flowchart of the response verification process in steps S509 and S512 of FIG. Hereinafter, each step of FIG. 7 will be described. Here, the processing of S509 in the wireless node 100a will be described.

(S700)
When the reception unit 131a of the wireless node 100a receives the response information rsp_1, this processing flow is started.
(S701)
The challenge verification unit 117a verifies whether or not the key generation source information ran (n) that matches the response information rsp_1 is recorded in the recording table 113a.
Specifically, the values of F (chl_1, ran (07)) to F (chl_1, ran (12)) are calculated using the same arithmetic expression F as the prescribed arithmetic expression described in step S508, and rsp_1 Search for a match.

(S702)
If a search can be made that matches rsp_1, the process advances to step S703; otherwise, the process advances to step S704.
(S703)
The challenge verification unit 117a temporarily records the searched key generation source information (here, ran (12)) and the number of the wireless node 100b in an appropriate memory or the like.
(S704)
The challenge verification unit 117a interrupts the subsequent processing.

  FIG. 8 is a diagram showing the recording contents of the recording table 113a in step S505 of FIG. In step S505, the received key generation source information ran (07) to ran (12) is recorded within the window time tw before and after the time t1.

  FIG. 9 is a diagram showing the recording contents of the recording table 113b in step S506 of FIG. In step S506, the received key generation source information ran (09) to ran (14) is recorded within the window time tw before and after the time t2.

FIG. 10 is a diagram illustrating a packet configuration of challenge information.
The challenge information packet has a transmission address part, a reception address part, and a data part.
The transmission address part stores the transmission source node number of the challenge information packet.
A value indicating that the packet is a broadcast packet is stored in the reception address portion.
The data section stores challenge information generated by the challenge generator 118.

FIG. 11 is a diagram illustrating a packet configuration of response information.
The response information packet has a transmission address part, a reception address part, and a data part.
The transmission address part stores the transmission source node number of the response information packet.
In the reception address part, the destination node number of the response information packet is stored.
Response information generated by the response generation unit 116 is stored in the data portion.

The procedure for sharing the common key between the wireless nodes 100a and 100b has been described above.
When each storage means outputs data, each storage means itself may have a data output function, or other functional units or other arithmetic devices may access each storage means to read the data. It may be.

  As described above, according to the first embodiment, even if the key generation source information ran (n) is wiretapped, the wiretapping terminal cannot know when the switch 110 is pressed. Whether the key generation source information is held as secret information can be concealed.

Further, according to the first embodiment, if the time lag of the operation (depressing the switch 110) performed by the user in the wireless nodes 100a and 100b is within the window time tw agreed in advance, each wireless node 100 The record table 113 stores key generation source information ran (n) held by other wireless nodes.
Therefore, even if there is a time lag in user operation, each wireless node 100 can share the key generation source information ran (n) as secret information.
Accordingly, the user can perform the operation without strictly synchronizing the time and without paying special attention, so that the common key can be easily and safely shared.

Further, according to the first embodiment, the response generation unit 116 uses the key generation source information recorded by the key generation source information recording unit 111, that is, the key generation source information recorded immediately after the user operation, as challenge information. At the same time, it is applied to the arithmetic expression F to generate response information.
As a result, the key generation source information recorded by the key generation source information recording unit 111 can be safely transmitted to another wireless node on the premise that the arithmetic expression F is shared.

Further, according to the first embodiment, instead of transmitting the common key itself to other wireless nodes, the key generation source information that is the basis for generating the common key is shared between the wireless nodes, and based on this, each key generation source information is shared. The wireless node itself generates a common key.
Therefore, since the common key does not flow in the wireless network, it is not necessary to use a public key cryptosystem, and the common key can be safely shared between wireless nodes.
Furthermore, since the common key cryptosystem generally has a smaller calculation load than the public key cryptosystem, the advantage of safely sharing the common key can be further enhanced.

Further, according to the first embodiment, by changing the window time tw by inputting from the window time setting unit 120, the user burden associated with the user operation is changed, and the installation state of the wireless node 100 and the user operation state are changed. Can be matched.
For example, when two wireless nodes 100 are installed apart from each other, if one user operates both wireless nodes 100, the time lag of user operation is inevitably caused by the travel time associated with the user operation. Becomes larger.
In such a case, the window time tw may be set to be large so as to allow a time lag according to the installation situation.

Embodiment 2. FIG.
In the first embodiment, the example in which the switch 110a of the wireless node 100a is pressed first has been described. However, the wireless node 100b may be pressed first. In the second embodiment, the operation at this time will be described.

FIG. 12 is a sequence diagram illustrating a process in which the wireless nodes 100a and 100b share a common key when the user first presses the switch 110b of the wireless node 100b.
The operation sequence of FIG. 12 is the same as that of FIG. In the example of FIG. 12, the key generation source information received immediately after the user operation performed in each wireless node 100, here ran (08) and ran (10), is shared between the wireless nodes.

Embodiment 3 FIG.
In the first and second embodiments, it has been described that the key generation source information ran (n) received immediately after the user operation is recorded in the key generation source information recording unit 111. However, the present invention is not limited to this. For example, the key generation source information ran (n) is received immediately before the user operation. The generated key generation source information ran (n) may be recorded in the key generation source information recording unit 111.
In the example of FIG. 5, ran (09) and ran (11) are recorded in the key generation source information recording unit 111.

The user operation is performed for instructing secret information that is used as secret information in each radio node and that is to be shared with other radio nodes. Therefore, as long as the content of the instruction can be specified, the key generation source information ran (n) to be recorded may be any immediately before and after the user operation.
In addition to this, if the key generation source information ran (n) to be recorded in response to a user operation can be determined, the key generation source information ran (n) received other than immediately before or after the user operation is generated as a key. You may make it record in the source information recording part 111. FIG.

Embodiment 4 FIG.
In the first to third embodiments described above, the key generation source information ran (n) is distributed by the key generation source information distribution apparatus 200. However, any one of the wireless nodes receives the key generation source information ran (n). May be provided.
For example, the key generation source information distribution apparatus 200 becomes the primary distribution source of the key generation source information ran (n), and each wireless node that receives the key generation source information ran (n) transfers the key generation source information ran (n) to the other wireless nodes. Possible forms.

Embodiment 5 FIG.
In the above first to fourth embodiments, it is assumed that the key generation source information distribution apparatus 200 and each wireless node 100 perform wireless communication using the same frequency. However, the present invention is not limited to this, and each wireless node 100 is not limited thereto. Radio signals that can be received in common may be used.
For example, a standard radio wave including clock information received by the radio clock can be used.
In this case, each radio node 100 includes both a standard radio wave receiving unit that receives standard radio waves, and a transmission unit 130 and a reception unit 131 that perform radio communication between the radio nodes 100.

Embodiment 6 FIG.
In the above first to fifth embodiments, the challenge / response method is used as a method for specifying the key generation source information shared between the wireless nodes 100. However, the present invention is not limited to this, and other methods are used. Key generation source information can also be shared.

Embodiment 7 FIG.
In the first to sixth embodiments described above, each wireless node 100 has been described that the key generation source information ran (n) is received from the key generation source information distribution apparatus 200. However, the wireless node 100 itself has the key generation source information. Each wireless node 100 may include means for generating ran (n) and synchronizing it between the wireless nodes 100.

  For example, each wireless node 100 includes an accurate clock or a clock that can be accurately synchronized with each other, and instead of receiving the key generation source information ran (n) from the key generation source information distribution apparatus 200, each wireless node 100 Uses time information generated by itself as key generation source information ran (n).

  In this case, since the key generation source information ran (n) having the same value is generated at the same time in each wireless node 100, the key generation source information ran (n) is received from the key generation source information distribution apparatus 200. The operating situation is equivalent to. Therefore, the configuration and operation described in the above embodiment can be applied as they are.

  The “key generation source information acquisition unit” in the seventh embodiment corresponds to means for generating and acquiring the key generation source information ran (n) by itself.

Embodiment 8 FIG.
In Embodiments 1 to 7 described above, it has been described that the wireless node 100 includes the transmission unit 130 and the reception unit 131 that perform wireless communication. However, a similar method can be used for wired communication.
Further, the transmission unit 130 and the reception unit 131 are separated from the node 100 and provided in the external device, and the node 100 performs only processing related to the common key sharing and transmits / receives each information to / from other nodes via the external device. It may be configured.

1 is a configuration diagram of a key sharing system according to Embodiment 1. FIG. 1 is an external view of a wireless node 100. FIG. 2 is an external view of a key generation source information distribution apparatus 200. FIG. 2 is a functional block diagram of a radio node 100 according to Embodiment 1. FIG. It is a sequence diagram which shows the process in which the wireless nodes 100a and 100b share a common key. FIG. 6 is a diagram illustrating the sequence diagram of FIG. 5 as an operation flow of each wireless node. 6 is a flowchart of response verification processing in steps S509 and S512 of FIG. It is a figure which shows the recording content of the recording table 113a in FIG.5 S505. It is a figure which shows the recording content of the recording table 113b in step S506 of FIG. It is a figure which shows the packet structure of challenge information. It is a figure which shows the packet structure of response information. It is a sequence diagram which shows the process in which a common key is shared when the user presses switch 110b of wireless node 100b first.

Explanation of symbols

  100a to 100b wireless node, 110 switch, 111 key generation source information recording unit, 112 temporary recording memory, 113 recording table, 114 common secret information storage unit, 115 window time timer, 116 response generation unit, 117 challenge verification unit, 118 challenge Generation unit, 120 window time setting unit, 130 transmission unit, 131 reception unit, 200 key generation source information distribution device.

Claims (9)

A terminal that generates a common key used for common key encryption,
A key generation source acquisition unit that acquires a plurality of pieces of key generation source information serving as a basis for generating the common key;
An operation unit for receiving operation inputs;
A recording unit for recording the key generation source information acquired by the key generation source acquisition unit within a predetermined time width based on a point in time when the operation unit receives a predetermined operation input in the key generation source information;
A receiving unit for receiving information transmitted by another terminal;
A reception information verification unit that verifies whether at least one of the key generation source information recorded by the recording unit matches the information received by the reception unit;
A transmission information generation unit that generates information to be transmitted to the other terminal using at least one of the key generation source information recorded by the recording unit;
A transmission unit for transmitting the information generated by the transmission information generation unit to the other terminal;
Information verified by the reception information verification unit when it matches the key generation source information recorded in the recording unit, and information generated by the transmission information generation unit using the key generation source information recorded in the recording unit A common key generation unit for generating the common key based on
A common key generation terminal comprising: The transmission information generation unit generates arbitrary first challenge information,
The received information verification unit
The information received by the receiving unit is
Whether the key generation source information recorded in the recording unit and the information obtained by applying the first challenge information to a predetermined arithmetic expression are the same,
The common key generation terminal according to claim 1, wherein the verification is executed. The receiver is
Receiving any second challenge information transmitted by the other terminal;
The transmission information generation unit
3. The common key according to claim 2, wherein response information for the second challenge information is generated by applying the second challenge information and the key generation source information recorded in the recording unit to the predetermined arithmetic expression. Generation terminal. The common key generation terminal according to any one of claims 1 to 3, wherein the transmission unit and the reception unit communicate with the other terminal by radio. The common key generation terminal according to any one of claims 1 to 4, further comprising means for distributing the key generation source information to another terminal. Means for generating the plurality of key generation source information by itself;
Means for sharing the plurality of key generation source information with other terminals;
5. The common key generation terminal according to claim 1, further comprising: A plurality of common key generation terminals according to any one of claims 1 to 4,
A key generation source information distribution device for distributing the key generation source information to each of the common key generation terminals;
A key sharing system comprising: A key sharing system comprising a plurality of common key generation terminals according to claim 5 or 6. A method for generating a common key used for common key encryption by a communication terminal that performs wireless communication ,
A key generation source acquisition step of acquiring a plurality of pieces of key generation source information that is a basis for generating the common key;
An operation step for accepting an operation input;
A recording step of recording the key generation source information acquired in the key generation source acquisition step within a predetermined time width based on a time point when the predetermined operation input is received in the operation step among the key generation source information; and
A receiving step for receiving information transmitted by another terminal;
A reception information verification step for verifying whether at least one of the key generation source information recorded in the recording unit in the recording step matches the information received in the reception step;
A transmission information generation step of generating information to be transmitted to the other terminal using at least one of the key generation source information recorded in the recording unit in the recording step;
A transmission step of transmitting the information generated in the transmission information generation step to the other terminal;
Information that is verified in the reception information verification step when it matches the key generation source information recorded in the recording unit in the recording step, and information that is generated in the transmission information generation step using the key generation source information recorded in the recording step A common key generation step for generating the common key based on:
A common key generation method characterized by comprising:

Images