JP5706751B2 - Stream cipher encryption apparatus, stream cipher decryption apparatus, stream cipher encryption method, stream cipher decryption method, and program - Google Patents

Description

  The present invention relates to a stream cipher encryption apparatus, a stream cipher decryption apparatus, a stream cipher that execute all processes in parallel, including the processes of n stream cipher encryptors or stream cipher decryptors. The present invention relates to an encryption method, a stream encryption decryption method and a program.

  In recent years, various services using computers have been provided. In many services, encryption is used to conceal communication. The most common encryption method is a common key encryption method that performs encryption / decryption with a single key, but the common key encryption method is roughly divided into a block encryption method and a stream encryption method. The former is the method that is most commonly used, but the latter has been attracting attention in recent years because it is superior in processing speed.

  In the stream cipher, initial values are stirred by an initialization process, an initial internal state is generated, and each sequence of encryption is generated while sequentially updating the generated state. In the conventional stream cipher, since key sequence generation processing is further performed after initialization, a technique for speeding up the processing is disclosed (for example, see Patent Document 1).

  In the technique described in Patent Document 1, a plurality of key sequence generation units generate a plurality of intermediate keys using one secret key and a plurality of IVs (Initial Value) before plaintext data is input, The intermediate key storage memory stores a plurality of generated intermediate keys, and the plurality of key sequence generation units, when plaintext data is input, stores a plurality of intermediate keys stored in the intermediate key storage memory. Each is input, and a key sequence is generated in parallel from each input intermediate key. The XOR unit inputs a plurality of key sequences generated by a plurality of key sequence generation units, and uses the input plurality of key sequences. The plaintext data is encrypted.

JP 2008-60750 A

  In the above technology, processing up to the generation of the key sequence is processed in parallel, so the processing load can be expected to be reduced compared to the conventional one, but the exclusive OR operation of the key sequence and plaintext is processed in parallel. Since it was not realized, the processing load could not be reduced sufficiently.

  Therefore, the present invention has been made in view of the above-described problems, and stream ciphers that execute all processes in parallel, including the processes of n stream cipher encryptors or stream cipher decryptors. It is an object to provide an encryption apparatus, a stream encryption decryption apparatus, a stream encryption encryption method, a stream encryption decryption method, and a program.

  The present invention proposes the following matters in order to solve the above problems. In addition, in order to make an understanding easy, although the code | symbol corresponding to embodiment of this invention is attached | subjected and demonstrated, it is not limited to this.

(1) The present invention includes n stream cipher encryptors (for example, equivalent to the stream ciphers 200a, 200b, 200c,..., 200x, 200y, and 200z in FIG. 1), and the n streams A parallel processing cipher module (for example, equivalent to the parallel processing cipher module 100 in FIG. 1) for controlling the cipher encryptor and n ciphertexts output from the n stream cipher encryptors are combined. And a ciphertext combining module (for example, corresponding to the ciphertext combining module 300 in FIG. 1) that outputs a final ciphertext, and the parallel processing cipher module includes an initial value of L− n bits, a plaintext, and a secret An input means for inputting a key (for example, corresponding to the input unit 110 in FIG. 2), an n-bit initial value, and the generated n-bit initial value and the input L− n-bit initial value Result Initial value generation means for generating an initial value of L bits to (e.g., corresponding to the initial value generation unit 120 of FIG. 2) and the dividing means for dividing inputted plaintext into n (for example, division section of FIG. 2 130), and the initial value of the L bit generated by the initial value generating means is output to the n stream cipher encryptors, and the plaintext divided into 1 / n is converted into the n There has been proposed a stream cipher encryption device comprising output means (for example, corresponding to the output unit 140 in FIG. 2) for outputting to each stream cipher encryptor.

According to the present invention, the input means of the parallel processing cryptographic module inputs the initial value of L− n bits, the plaintext, and the secret key. The initial value generating means generates an n-bit initial value and combines the generated n-bit initial value with the input L- n bit initial value to generate an L- bit initial value. The dividing means divides the input plaintext into n pieces. The output means outputs the L- bit initial value generated by the initial value generation means to the n stream cipher encryptors, and encrypts the n-stream cipher of the secret key and the plaintext divided into 1 / n. Output to the instrument. Therefore, the plaintext is divided into 1 / n, and the plaintext divided into n stream cipher encryptors and the initial value unique to the encryptor of each stream cipher generated by the initial value generating means are given, and the ciphertext A series of processes up to generation can be performed in parallel.

(2) In the stream cipher encryption device according to (1), the n stream cipher encryptors input an L-bit initial value and a secret key from the parallel processing cipher module , Initialization processing means (for example, equivalent to the initialization processing unit 210 in FIG. 3) for initializing the internal state, and key sequence generation means for generating a key sequence using the internal state (for example, the key in FIG. 3) A ciphertext generating means (for example, corresponding to the ciphertext generating unit 230 in FIG. 3) that performs an exclusive OR operation between the generated key sequence and the input plaintext to generate a ciphertext. And a stream cipher encryption device characterized by comprising the following.

According to the present invention, the initialization processing means of the n stream cipher encryptors inputs the L-bit initial value and the secret key from the parallel processing cryptographic module , and performs the internal state initialization processing. The key sequence generation means generates a key sequence using the internal state. The ciphertext generation unit performs an exclusive OR operation between the generated key sequence and the input plaintext to generate a ciphertext. Accordingly, initialization processing, key sequence generation processing, and ciphertext generation processing can be executed in parallel by each stream cipher encryptor.

  (3) The present invention relates to the stream cipher encryption device according to (1), wherein the parallel processing cryptographic module generates an arbitrary lower bit of the input secret key and generates n different secret keys. Key generation means (for example, equivalent to the secret key generation unit 160 in FIG. 2) and secret key distribution means (for example, in FIG. 2) that distributes the generated secret keys to n stream cipher encryptors one by one. And a stream cipher encryption device characterized by comprising a distribution unit 170).

  According to this invention, the secret key generating means of the parallel processing cryptographic module generates an arbitrary lower bit of the input secret key and generates n different secret keys. The secret key distribution means distributes the generated secret keys one by one to n stream cipher encryptors. Therefore, the security can be improved by distributing different secret keys to the encryptors of the stream ciphers.

  (4) According to the present invention, in the stream cipher encryption device of (1), the ciphertext combining module generates header information generating means (for example, equivalent to the header information generating unit 150 of FIG. 2) for generating header information. The stream cipher encrypting device, wherein the n stream cipher encryptors attach the generated header information to the ciphertext subjected to encryption processing and output the ciphertext combining module to output the ciphertext combining module Has proposed.

  According to this invention, the header information generating means of the ciphertext combining module generates header information. Then, n stream cipher encryptors attach the generated header information to the encrypted ciphertext and output it to the ciphertext combining module. Thus, necessary information can be provided when decrypting the ciphertext.

(5) The present invention relates to the stream cipher encryption device of ( 3 ), wherein the header information includes a delimiter for recognizing a data break, a ciphertext length, an initial value, and a number of a used stream cipher module. A stream cipher encryption device characterized by this is proposed.

  According to the present invention, the header information includes a delimiter for recognizing data breaks, a ciphertext length, an initial value, and a number of a used stream cipher module. Thereby, when the ciphertext is decrypted, the boundary of the ciphertext can be confirmed, and information for generating the initial value can be obtained.

(6) The present invention is a stream cipher decrypting device for decrypting ciphertext encrypted by the stream cipher encrypting device according to (4) or (5) , wherein n stream cipher decryptors ( For example, the parallel processing decryption module (for example, FIG. 6) that controls the stream decoders 500a, 500b, 500c,..., 500x, 500y, and 500z in FIG. And a plaintext combination module (for example, the plaintext of FIG. 6) that combines the n plaintexts output from the n stream cipher decoders and outputs the final plaintext. and equivalent) to coupling module 600, wherein the parallel processing decoder module, an input means for inputting the initial value and the ciphertext and the secret key of L -n bits (e.g., the input of FIG. 7 410), header information separation means for separating header information from the input ciphertext (for example, equivalent to the header information separation unit 420 in FIG. 7), and an n-bit initial value based on the separated header information Initial value generating means for generating a value and combining the generated n-bit initial value and the input L- n-bit initial value to generate an L- bit initial value (for example, the initial value generating unit in FIG. 7) 430), a dividing means for dividing the ciphertext into n based on the inputted header information (for example, equivalent to the dividing section 440 in FIG. 7), and an L bit generated by the initial value generating means An output means for outputting an initial value to the n stream ciphers and outputting the secret key and the ciphertext divided into 1 / n to the n stream ciphers (for example, Output unit 450 in FIG. And equivalent), it proposes a decoding device of a stream cipher that comprising the.

According to this invention, the input means of the parallel processing decryption module inputs the initial value of L− n bits, the ciphertext, and the secret key. The header information separating unit separates the header information from the input ciphertext. The initial value generation means generates an n-bit initial value based on the separated header information, and combines the generated n-bit initial value and the input L− n-bit initial value to generate an L- bit initial value. Is generated. The dividing means divides the ciphertext into n pieces based on the input header information. The output means outputs the initial value of the L bit generated by the initial value generation means to the n stream cipher decryptors, and also outputs the secret key and the ciphertext divided into 1 / n of the n stream ciphers. Output to the decoder. Therefore, the ciphertext is divided into 1 / n, and the initial value unique to the encryptor of each stream cipher generated by the initial value generating means based on the ciphertext and header information divided into n stream cipher encryptors , It is possible to perform a series of processes up to decryption of plaintext in parallel.

(7) In the stream cipher encryption apparatus according to (6), the n stream cipher decoders receive an L-bit initial value and a secret key from the parallel processing decryption module , and Initialization processing means for performing state initialization processing (for example, equivalent to the initialization processing unit 510 in FIG. 8) and key sequence generation means for generating a key sequence using the internal state (for example, key sequence in FIG. 8) Generating unit 520), a plaintext generating unit (for example, corresponding to the plaintext generating unit 530 in FIG. 8) that performs an exclusive OR operation between the generated key sequence and the input ciphertext, and generates a plaintext. And a stream cipher decryption device characterized by comprising:

  According to the present invention, the initialization processing means of the n number of stream cipher decoders receives the initial value and the secret key, and performs the initialization process of the internal state. The key sequence generation means generates a key sequence using the internal state. The plaintext generation means performs an exclusive OR operation between the generated key sequence and the input ciphertext to generate plaintext. Accordingly, initialization processing, key sequence generation processing, and plaintext generation processing can be executed in parallel by each stream cipher decryptor.

  (8) According to the present invention, in the stream cipher encryption device according to (6), the parallel processing decryption module generates a lower-order arbitrary bit of the input secret key and generates n different secret keys. Generation means (for example, equivalent to the secret key generation unit 460 in FIG. 7) and secret key distribution means for distributing the generated secret keys one by one to n stream cipher decoders (for example, distribution in FIG. 7) And a stream cipher decryption device characterized by comprising the following:

  According to this invention, the secret key generation means of the parallel processing decryption module generates an arbitrary lower bit of the input secret key and generates n different secret keys. The secret key distribution means distributes the generated secret keys one by one to n stream cipher decryptors. Therefore, the security can be improved by distributing different secret keys to the decoders of the respective stream ciphers.

(9) The present invention outputs n stream cipher encryptors, a parallel processing decryption module that controls the n stream cipher encryptors, and the n stream cipher encryptors. A ciphertext combining module that combines n ciphertexts to output a final ciphertext, and a stream cipher encryption method in a stream cipher encryption device, the parallel processing decryption module comprising: A first step (for example, corresponding to step S101 in FIG. 5) of inputting an initial value of L− n bits, a plaintext, and a secret key, and the parallel processing decoding module generates an initial value of n bits, a second step of generating an initial value of L bits by combining the initial value of L -n-bit input as an initial value of n bits thus generated (for example, corresponding to step S102 of FIG. 5), the parallel Management decryption module, and a third step of dividing the plaintext and the input into n (for example, corresponding to step S103 of FIG. 5), the parallel processing decoder module, the L bits generated in the second step A fourth step (for example, outputting the initial value to the n stream cipher encryptors and outputting the secret key and the plaintext divided into 1 / n to the n stream cipher encryptors (for example, , Which corresponds to step S104 in FIG. 5).

According to the present invention, the parallel processing decryption module inputs an L- n-bit initial value, a plaintext, and a secret key, generates an n-bit initial value, and generates the generated n-bit initial value and the input L − An n-bit initial value is combined to generate an L- bit initial value. Also, the input plaintext is divided into n pieces, and the initial value of the L bit generated in the second step is output to the n stream cipher encryptors, and the plaintext divided into 1 / n is also obtained. Output to n stream cipher encryptors. Therefore, the plaintext is divided into 1 / n, and the plaintext divided into n stream cipher encryptors and the initial value unique to the encryptor of each stream cipher generated by the initial value generating means are given, and the ciphertext A series of processes up to generation can be performed in parallel.

(10) The present invention is a stream cipher decryption method in a stream cipher decryption device for decrypting ciphertext encrypted by the stream cipher encryptor of (4) or (5) , wherein n A stream cipher decryptor, a parallel processing decryption module for controlling the n stream cipher decryptors, and n plaintexts output from the n stream cipher decryptors are combined to obtain a final result. A plaintext combining module for outputting a plaintext, wherein the parallel processing decryption module inputs an initial value of L- n bits, a ciphertext, and a secret key (for example, step S201 in FIG. 9). The parallel processing decryption module separates header information from the input ciphertext (for example, equivalent to step S202 in FIG. 9), and the parallel processing No. module, based on the header information said separated, it generates an initial value of n bits, said generated n type as the initial value of the bits were L initial value of -n bit and combined with the initial value of L bits A third step (for example, corresponding to step S203 of FIG. 9) and a fourth step (for example, the parallel processing decryption module divides the ciphertext into n based on the input header information (for example, , Corresponding to step S204 in FIG. 9), and the parallel processing decryption module outputs the L- bit initial value generated in the third step to the n number of stream ciphers, and the secret key And a fifth step (for example, corresponding to step S205 in FIG. 9) for outputting the ciphertext divided into 1 / n to the n stream cipher decryptors. We propose a method of decoding a stream cipher to symptoms.

According to this invention, the parallel processing decryption module inputs an initial value of L- n bits, a ciphertext, and a secret key, and separates header information from the input ciphertext. Also, an n-bit initial value is generated based on the separated header information, and the generated n-bit initial value and the input L− n-bit initial value are combined to generate an L- bit initial value. Then, based on the input header information, the ciphertext is divided into n pieces, and the initial value of the L bit generated in the third step is output to the n number of stream ciphers, and the secret key and 1 The ciphertext divided into / n is output to n stream cipher decryptors. Therefore, the ciphertext is divided into 1 / n, and the initial value unique to the encryptor of each stream cipher generated by the initial value generating means based on the ciphertext and header information divided into n stream cipher encryptors , It is possible to perform a series of processes up to decryption of plaintext in parallel.

(11) The present invention outputs n stream cipher encryptors, a parallel processing cipher module for controlling the n stream cipher encryptors, and the n stream cipher encryptors. And a ciphertext combining module that combines n ciphertexts and outputs a final ciphertext, and a program for causing a computer to execute a stream cipher encryption method in a stream cipher encryption device. Then, the parallel processing decryption module receives a first step (for example, equivalent to step S101 in FIG. 5) of inputting an initial value of L− n bits, a plaintext, and a secret key, and the parallel processing decryption module includes n a second step of generating an initial value of the bits, by combining the initial value of L -n-bit input as an initial value of n bits thus generated to generate the initial value of L bits (e.g. 5 (corresponding to step S102 in FIG. 5), the third step in which the parallel processing decoding module divides the input plaintext into n pieces (for example, corresponding to step S103 in FIG. 5), and the parallel processing decoding module The initial value of the L bit generated in the second step is output to the n stream cipher encryptors, and the secret key and the plaintext divided into 1 / n are output to the n stream ciphers. A program for causing a computer to execute a fourth step (for example, corresponding to step S104 in FIG. 5) to be output to an encryptor is proposed.

According to the present invention, the parallel processing decryption module inputs an L- n-bit initial value, a plaintext, and a secret key, generates an n-bit initial value, and generates the generated n-bit initial value and the input L − An n-bit initial value is combined to generate an L- bit initial value. Also, the input plaintext is divided into n pieces, and the initial value of the L bit generated in the second step is output to the n stream cipher encryptors, and the plaintext divided into 1 / n is also obtained. Output to n stream cipher encryptors. Therefore, the plaintext is divided into 1 / n, and the plaintext divided into n stream cipher encryptors and the initial value unique to the encryptor of each stream cipher generated by the initial value generating means are given, and the ciphertext A series of processes up to generation can be performed in parallel.

(12) The present invention is for causing a computer to execute a stream cipher decryption method in a stream cipher decryption device that decrypts a ciphertext encrypted by the stream cipher encryptor of (4) or (5) . A program comprising: n stream cipher decryptors; a parallel processing cipher module for controlling the n stream cipher decryptors; and n streams output from the n stream cipher decryptors. A plaintext combining module that combines the plaintexts and outputs a final plaintext, wherein the parallel processing decryption module inputs an initial value of L- n bits, a ciphertext, and a secret key. (For example, corresponding to step S201 in FIG. 9) and the parallel processing decryption module in a second step (for example, FIG. And corresponding to step S202), the parallel processing decoder module, based on the header information said separated, it generates an initial value of n bits, the initial value of L -n-bit input as an initial value of n bits thus generated Are combined with each other to generate an initial value of L bits (for example, corresponding to step S203 in FIG. 9), and the parallel processing decryption module converts the ciphertext into n based on the input header information. A fourth step (for example, corresponding to step S204 in FIG. 9), and the parallel processing decryption module decrypts the initial value of the L bits generated in the third step into the n stream ciphers. And outputting the secret key and the ciphertext divided into 1 / n to the decryptors of the n stream ciphers (for example, FIG. 9). We propose a program to be executed and corresponding to step S205), to the computer.

According to this invention, the parallel processing decryption module inputs an initial value of L- n bits, a ciphertext, and a secret key, and separates header information from the input ciphertext. Also, an n-bit initial value is generated based on the separated header information, and the generated n-bit initial value and the input L− n-bit initial value are combined to generate an L- bit initial value. Then, based on the input header information, the ciphertext is divided into n pieces, and the initial value of the L bit generated in the third step is output to the n number of stream ciphers, and the secret key and 1 The ciphertext divided into / n is output to n stream cipher decryptors. Therefore, the ciphertext is divided into 1 / n, and the initial value unique to the encryptor of each stream cipher generated by the initial value generating means based on the ciphertext and header information divided into n stream cipher encryptors , It is possible to perform a series of processes up to decryption of plaintext in parallel.

  According to the present invention, a plurality of stream cipher encryption / decryption processes are executed in parallel and multiplexed, thereby realizing an effect that a higher-speed encryption / decryption process can be realized.

It is a figure which shows the structure of the encryption apparatus of the stream encryption which concerns on the 1st Embodiment of this invention. It is a figure which shows the structure of the parallel processing encryption module in the encryption apparatus of the stream encryption which concerns on the 1st Embodiment of this invention. It is a figure which shows the structure of the stream encryption device in the encryption apparatus of the stream encryption which concerns on the 1st Embodiment of this invention. It is the figure which illustrated the data structure output from a stream encryption device in the encryption apparatus of the stream encryption which concerns on the 1st Embodiment of this invention. It is a figure which shows the process of the encryption apparatus of the stream encryption which concerns on the 1st Embodiment of this invention. It is a figure which shows the structure of the decoding apparatus of the stream encryption which concerns on the 2nd Embodiment of this invention. It is a figure which shows the structure of the parallel processing encryption module in the decoding apparatus of the stream encryption which concerns on the 2nd Embodiment of this invention. It is a figure which shows the structure of the stream encryption device in the encryption apparatus of the stream encryption which concerns on the 2nd Embodiment of this invention. It is a figure which shows the process of the decoding apparatus of the stream encryption which concerns on the 2nd Embodiment of this invention.

Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings.
Note that the constituent elements in the present embodiment can be appropriately replaced with existing constituent elements and the like, and various variations including combinations with other existing constituent elements are possible. Therefore, the description of the present embodiment does not limit the contents of the invention described in the claims.

  The stream cipher encryption apparatus and the stream cipher decryption apparatus according to the present invention will be described in detail below with reference to FIGS.

<First Embodiment>
A stream cipher encryption apparatus according to this embodiment will be described with reference to FIGS. 1 to 4.

<Configuration of Stream Cipher Encryption Device>
As shown in FIG. 1, the encryption apparatus for stream encryption according to the present embodiment includes a parallel processing encryption module 100, a plurality of stream encryption devices 200a, 200b, 200c,..., 200x, 200y, 200z, and encryption. The sentence combination module 300 is configured.

The parallel processing cryptographic module 100 inputs an initial value of L− n (n: the number of stream ciphers) bits, a plaintext, and a secret key, generates an n-bit initial value, and generates the generated n-bit initial value. An L- bit initial value is generated by combining the input L- n bit initial value. Also, the input plaintext is divided into n pieces, and the generated L- bit initial value is output to the n stream ciphers 200a, 200b, 200c,..., 200x, 200y, 200z, and the secret key and 1 The plaintext divided into / n is output to n stream ciphers 200a, 200b, 200c,..., 200x, 200y, and 200z.

  The stream ciphers 200a, 200b, 200c,..., 200x, 200y, and 200z receive the initial value and the secret key, and perform an internal state initialization process. Also, a key sequence is generated using the internal state. Further, an exclusive OR operation between the generated key sequence and the input plaintext is performed to generate a ciphertext.

  As shown in FIG. 4, the ciphertext combining module 300 attaches the generated header information to the ciphertext encrypted by the stream ciphers 200a, 200b, 200c,..., 200x, 200y, and 200z. The obtained information is used as one unit, and these are concatenated and output as ciphertext.

<Configuration of parallel processing cryptographic module>
As shown in FIG. 2, the parallel processing cryptographic module according to the present embodiment includes an input unit 110, an initial value generation unit 120, a division unit 130, an output unit 140, a header information generation unit 150, and a secret key generation. Section 160 and distribution section 170.

The input unit 110 inputs an initial value of L− n bits, a plaintext, and a secret key. Here, n corresponds to the number of stream ciphers 200a, 200b, 200c,..., 200x, 200y, 200z.

The initial value generation unit 120 generates an n-bit initial value, and combines the generated n-bit initial value and the input L− n-bit initial value to generate an L- bit initial value. In this case, the generated n-bit initial value is a reserved value. The dividing unit 130 divides the input plaintext into n pieces. The output unit 140 outputs the L- bit initial value generated by the initial value generation unit 120 to n stream ciphers, and outputs the secret key and the plaintext divided into 1 / n to the n stream ciphers. Output.

  The header information generation unit 150 generates header information based on information obtained from the initial value generation unit 120 and the division unit 130. The secret key generation unit 160, when giving a different secret key for each of the stream ciphers 200a, 200b, 200c,..., 200x, 200y, 200z instead of the input secret key, N different secret keys are generated using any bit of as a reserved value. The distribution unit 170 distributes the generated secret key to each of the stream ciphers 200a, 200b, 200c, ..., 200x, 200y, 200z one by one.

<Configuration of stream cipher>
As shown in FIG. 3, the stream cipher according to the present embodiment includes an initialization processing unit 210, a key sequence generation unit 220, and a ciphertext generation unit 230.

  The initialization processing unit 210 receives an initial value and a secret key, and performs an internal state initialization process. The key sequence generation unit 220 generates a key sequence using the internal state. The ciphertext generation unit 230 performs an exclusive OR operation between the generated key sequence and the input plaintext to generate a ciphertext.

<Processing of encryption device for stream cipher>
The processing of the stream cipher encryption apparatus according to this embodiment will be described with reference to FIG.
The parallel processing cryptographic module inputs the L- n bit initial value, the plaintext, and the secret key (step S101), generates an n-bit initial value, and generates the generated n-bit initial value and the input L- n bit. Are combined with the initial value to generate an L- bit initial value (step S102). Also, the input plaintext is divided into n pieces (step S103), the initial value of the L bit generated in step S102 is output to n stream ciphers, and the plaintext divided into 1 / n is divided into n pieces. Are output to the stream ciphers (step S104).

Each stream cipher receives an L- bit initial value and a secret key from the parallel processing cryptographic module, executes an initialization process, and generates a key sequence using an internal state. Further, an exclusive OR operation between the generated key sequence and the input plaintext is performed to generate a ciphertext. In addition, header information including a delimiter for recognizing data breaks, a ciphertext length, an initial value, and the number of the used stream cipher module is generated. The generated ciphertext and unique header information are output to the ciphertext combining module. The ciphertext combining module combines input information and outputs the combined information.

The parallel processing decryption module 400 inputs an initial value of L− n (n: the number of stream ciphers) bits, a ciphertext with header information, and a secret key, separates the header information, and based on the header information, An n-bit initial value is generated, and the generated n-bit initial value and the input L− n-bit initial value are combined to generate an L- bit initial value. In addition, the ciphertext from which the header information is separated is divided into n pieces, and the generated L- bit initial value is output to n stream decoders 500a, 500b, 500c,..., 500x, 500y, 500z, The secret key and the ciphertext divided into 1 / n are output to n stream decoders 500a, 500b, 500c,..., 500x, 500y, 500z.

<Second Embodiment>
The stream cipher decryption apparatus according to this embodiment will be described with reference to FIGS. Note that the stream cipher decryption apparatus according to the present embodiment restores the ciphertext encrypted according to the first embodiment into plaintext.

<Configuration of Decryption Device for Stream Cipher>
As shown in FIG. 6, the decryption apparatus for the stream cipher according to this embodiment includes a parallel processing decryption module 400, a plurality of stream decryptors 500a, 500b, 500c,..., 500x, 500y, 500z, and plaintext. It is comprised from the coupling module 600.

The parallel processing decryption module 400 inputs an initial value of L− n (n: the number of stream ciphers) bits, a ciphertext with header information, and a secret key, separates the header information, and based on the header information, An n-bit initial value is generated, and the generated n-bit initial value and the input L− n-bit initial value are combined to generate an L- bit initial value. In addition, the ciphertext from which the header information is separated is divided into n pieces, and the generated L- bit initial value is output to n stream decoders 500a, 500b, 500c,..., 500x, 500y, 500z, The secret key and the ciphertext divided into 1 / n are output to n stream decoders 500a, 500b, 500c,..., 500x, 500y, 500z.

  The stream decoders 500a, 500b, 500c,..., 500x, 500y, 500z input the initial value and the secret key, and perform initialization processing of the internal state. Also, a key sequence is generated using the internal state. Further, an exclusive OR operation between the generated key sequence and the input ciphertext is performed to generate plaintext.

  The plaintext combining module 600 concatenates and outputs the plaintexts that the stream decoders 500a, 500b, 500c,..., 500x, 500y, and 500z perform the decryption processing.

<Configuration of parallel processing cryptographic module>
As shown in FIG. 7, the parallel processing decryption module according to the present embodiment includes an input unit 410, a header information separation unit 420, an initial value generation unit 430, a division unit 440, an output unit 450, and a secret key generation. A section 460 and a distribution section 470 are included.

The input unit 410 inputs an initial value of L− n bits, a ciphertext with header information, and a secret key. Here, n corresponds to the number of stream decoders 500a, 500b, 500c,..., 500x, 500y, 500z.

The header information separation unit 420 separates the header information from the input ciphertext with header information, outputs the separated header information to the initial value generation unit 430, and outputs the ciphertext to the division unit 440. The dividing unit 440 divides the input ciphertext into 1 / n and outputs it to the output unit 450. The initial value generation unit 430, based on the input header information, generates an initial value of n bits, resulting n by combining the initial value of L -n-bit input as an initial value of L bits of the bit Initial Generate a value. In this case, the generated n-bit initial value is a reserved value. The output unit 450 outputs the L- bit initial value generated by the initial value generation unit 430 to the n stream decoders 500a, 500b, 500c,..., 500x, 500y, 500z, and the secret key and 1 / The ciphertext divided into n is output to n stream decoders 500a, 500b, 500c,..., 500x, 500y, and 500z.

  The secret key generation unit 460, when giving a different secret key to each of the stream decoders 500a, 500b, 500c,..., 500x, 500y, 500z, instead of the input secret key, N different secret keys are generated using any bit of as a reserved value. The distribution unit 470 distributes the generated secret key to each of the stream ciphers 200a, 200b, 200c, ..., 200x, 200y, 200z one by one.

<Configuration of stream cipher>
As shown in FIG. 8, the stream cipher according to this embodiment includes an initialization processing unit 510, a key sequence generation unit 520, and a plaintext generation unit 530.

  The initialization processing unit 510 receives an initial value and a secret key, and performs an internal state initialization process. The key sequence generation unit 520 generates a key sequence using the internal state. The plaintext generation unit 530 performs an exclusive OR operation between the generated key sequence and the input ciphertext to generate plaintext.

<Processing of Decryption Device for Stream Cipher>
The processing of the stream cipher decryption apparatus according to this embodiment will be described with reference to FIG.
The parallel processing decryption module inputs an initial value of L− n bits, a ciphertext, and a secret key (step S201), and separates header information from the input ciphertext (step S201). Next, based on the header information, an n-bit initial value is generated, and the generated n-bit initial value and the input L- n-bit initial value are combined to generate an L- bit initial value (step) S203). Further, based on the header information, the input ciphertext is divided into n pieces (step S204), the initial value of the L bit generated in step S203 is output to n stream decoders, and the secret key and 1 / The ciphertext divided into n is output to n stream decryptors (step S205).

  Each stream decoder receives an l-bit initial value and a secret key from the parallel processing decryption module, executes an initialization process, and generates a key sequence using an internal state. Further, an exclusive OR operation between the generated key sequence and the input ciphertext is performed to generate plaintext. Then, the generated plaintext is output to the plaintext combination module. The plaintext combining module combines the input information and outputs it.

  As described above, according to the present embodiment, the ciphertext is divided into 1 / n, and the initial value generating unit generates the ciphertext divided into n stream cipher encryptors and the header information. By giving an initial value unique to each stream decoder, a series of processing up to plaintext decoding can be performed in parallel.

  The processing of the stream cipher encryptor or the stream cipher decryptor is recorded on a computer-readable recording medium, and the program recorded on the recording medium is read by the stream cipher encryptor or the stream cipher decryptor. By executing this, the stream cipher encryptor or the stream cipher decryptor of the present invention can be realized. The computer system here includes an OS and hardware such as peripheral devices.

  Further, the “computer system” includes a homepage providing environment (or display environment) if a WWW (World Wide Web) system is used. The program may be transmitted from a computer system storing the program in a storage device or the like to another computer system via a transmission medium or by a transmission wave in the transmission medium. Here, the “transmission medium” for transmitting the program refers to a medium having a function of transmitting information, such as a network (communication network) such as the Internet or a communication line (communication line) such as a telephone line.

  The program may be for realizing a part of the functions described above. Furthermore, what can implement | achieve the function mentioned above in combination with the program already recorded on the computer system, and what is called a difference file (difference program) may be sufficient.

  The embodiments of the present invention have been described in detail with reference to the drawings. However, the specific configuration is not limited to the embodiments, and includes designs and the like that do not depart from the gist of the present invention.

100; parallel processing cryptographic module 110; input unit 120; initial value generation unit 130; division unit 140; output unit 150; header information generation unit 160; secret key generation unit 170; distribution units 200a, 200b, 200c,. 200x, 200y, 200z; stream cipher 210; initialization processing unit 220; key sequence generation unit 230; ciphertext generation unit 300; ciphertext combination module 400; parallel processing decryption module 410; input unit 420; header information separation unit 430 Initial value generation unit 440; division unit 450; output unit 460; secret key generation unit 470; distribution unit 500a, 500b, 500c, ..., 500x, 500y, 500z; stream decoder 510; initialization processing unit 520; Key sequence generation unit 530; plaintext generation unit 600; plaintext combination module

Claims (12)

n stream cipher encryptors;
A parallel processing cryptographic module for controlling the n stream cipher encryptors;
A ciphertext combining module that combines n ciphertexts output from the n stream cipher encryptors and outputs a final ciphertext;
With
The parallel processing cryptographic module is
An input means for inputting an initial value of L− n bits, a plaintext, and a secret key;
initial value generating means for generating an n-bit initial value and combining the generated n-bit initial value and the input L- n bit initial value to generate an L- bit initial value;
Dividing means for dividing the inputted plaintext into n pieces;
The L- bit initial value generated by the initial value generating means is output to the n stream cipher encryptors, and the private key and the plaintext divided into 1 / n are encrypted with the n stream ciphers. Output means for outputting to the generator;
A stream cipher encryption apparatus comprising: The n stream cipher encryptors are:
An initialization processing means for inputting an L-bit initial value and a secret key from the parallel processing cryptographic module and performing initialization processing of an internal state;
A key sequence generating means for generating a key sequence using an internal state;
A ciphertext generating means for performing an exclusive OR operation between the generated key sequence and the input plaintext to generate a ciphertext;
The stream cipher encryption apparatus according to claim 1, further comprising: The parallel processing cryptographic module is
A secret key generating means for generating an arbitrary lower bit of the input secret key and generating n different secret keys;
Secret key distribution means for distributing the generated secret keys one by one to n stream cipher encryptors;
The stream cipher encryption apparatus according to claim 1, further comprising: The ciphertext combining module includes header information generating means for generating header information;
2. The stream according to claim 1, wherein the n stream cipher encryptors attach the generated header information to a ciphertext subjected to an encryption process, and output the ciphertext combining module to the ciphertext combining module. Cryptographic encryption device. 5. The stream cipher according to claim 4 , wherein the header information includes a delimiter for recognizing data breaks, a ciphertext length, an initial value (a part of the ciphertext), and a number of a used stream cipher module. Encryption device. A stream cipher decrypting device for decrypting a ciphertext encrypted by the stream cipher encrypting device according to claim 4 ,
n stream cipher decryptors;
A parallel processing decryption module for controlling the n stream cipher decryptors;
A plaintext combining module that combines n plaintexts output from the n stream cipher decoders and outputs a final plaintext;
With
The parallel processing decoding module is
Input means for inputting an initial value of L− n bits, a ciphertext, and a secret key;
Header information separating means for separating header information from the input ciphertext;
Early based converting said separated header information to generate an initial value of n bits, to generate an initial value of L bits by combining the initial value of L -n-bit input as an initial value of n bits thus generated Value generation means;
Splitting means for splitting the ciphertext into n based on the input header information;
The L- bit initial value generated by the initial value generating means is output to the n number of stream cipher decoders, and the secret key and the 1 / n ciphertext are converted into the n stream ciphers. Output means for outputting to the decoder;
An apparatus for decrypting a stream cipher, comprising: The n number of stream cipher decoders;
An initialization processing means for inputting an L-bit initial value and a secret key from the parallel processing decryption module and performing an initialization process of an internal state;
A key sequence generating means for generating a key sequence using an internal state;
A ciphertext generating means for performing an exclusive OR operation between the generated key sequence and the input ciphertext, and generating plaintext;
The stream cipher decryption apparatus according to claim 6, further comprising: The parallel processing decoding module is
A secret key generating means for generating an arbitrary lower bit of the input secret key and generating n different secret keys;
Secret key distribution means for distributing the generated secret key to n stream ciphers one by one;
The stream cipher decryption apparatus according to claim 6, further comprising: n stream cipher encryptors;
A parallel processing cryptographic module for controlling the n stream cipher encryptors;
A ciphertext combining module that combines the n ciphertexts output from the n stream cipher encryptors and outputs a final ciphertext; An encryption method,
A first step in which the parallel processing cryptographic module inputs an initial value of L- n bits, a plaintext, and a secret key;
The parallel processing cryptographic module generates an n-bit initial value, and combines the generated n-bit initial value and the input L- n-bit initial value to generate an L- bit initial value. Steps,
A third step in which the parallel processing cryptographic module divides the inputted plaintext into n pieces;
The parallel processing cryptographic module outputs the L- bit initial value generated in the second step to the n stream cipher encryptors, and the secret key and the plaintext divided into 1 / n are a fourth step of outputting to n stream cipher encryptors;
A stream cipher encryption method characterized by comprising: A method for decrypting a stream cipher in a stream cipher decrypting device for decrypting a ciphertext encrypted by the stream cipher encrypting device according to claim 4 ,
n stream cipher decryptors;
A parallel processing decryption module for controlling the n stream cipher decryptors;
A plaintext combining module that combines n plaintexts output from the n stream cipher decoders and outputs a final plaintext;
With
A first step in which the parallel processing decryption module inputs an initial value of L- n bits, a ciphertext, and a secret key;
A second step in which the parallel processing decryption module separates header information from the input ciphertext;
The parallel processing decoding module generates an n-bit initial value based on the separated header information, and combines the generated n-bit initial value with the input L− n-bit initial value to generate L bits A third step of generating an initial value of
A fourth step in which the parallel processing decryption module divides the ciphertext into n pieces based on the inputted header information;
The parallel processing decryption module outputs the initial value of the L bit generated in the third step to the decryptors of the n stream ciphers, and the ciphertext divided into the secret key and the 1 / n A fifth step of outputting to the n stream cipher decoders;
A method of decrypting a stream cipher, comprising: n stream cipher encryptors;
A parallel processing cryptographic module for controlling the n stream cipher encryptors;
A ciphertext combining module that combines the n ciphertexts output from the n stream cipher encryptors and outputs a final ciphertext; A program for causing a computer to execute an encryption method,
A first step in which the parallel processing cryptographic module inputs an initial value of L- n bits, a plaintext, and a secret key;
The parallel processing cryptographic module generates an n-bit initial value, and combines the generated n-bit initial value and the input L- n-bit initial value to generate an L- bit initial value. Steps,
A third step in which the parallel processing cryptographic module divides the inputted plaintext into n pieces;
The parallel processing cryptographic module outputs the L- bit initial value generated in the second step to the n stream cipher encryptors, and the secret key and the plaintext divided into 1 / n are a fourth step of outputting to n stream cipher encryptors;

A program that causes a computer to execute. A program for causing a computer to execute a stream cipher decryption method in a stream cipher decryption device that decrypts a ciphertext encrypted by the stream cipher encryption device according to claim 4 ,
n stream cipher decryptors;
A parallel processing decryption module for controlling the n stream cipher decryptors;
A plaintext combining module that combines n plaintexts output from the n stream cipher decoders and outputs a final plaintext;
With
A first step in which the parallel processing decryption module inputs an initial value of L- n bits, a ciphertext, and a secret key;
A second step in which the parallel processing decryption module separates header information from the input ciphertext;
The parallel processing decoding module generates an n-bit initial value based on the separated header information, and combines the generated n-bit initial value with the input L− n-bit initial value to generate L bits A third step of generating an initial value of
A fourth step in which the parallel processing decryption module divides the ciphertext into n pieces based on the inputted header information;
The parallel processing decryption module outputs the initial value of the L bit generated in the third step to the decryptors of the n stream ciphers, and the ciphertext divided into the secret key and the 1 / n A fifth step of outputting to the n stream cipher decoders;
A program that causes a computer to execute.

Images