JPH0289082A - Color conversion system - Google Patents

Abstract

PURPOSE:To prevent a conversion key from being easily analyzed even at the time of leak of data before and after data conversion by providing a first arithmetic means for arithmetic processing first and second input values and a functional processing means for functional processing between the output of the first arithmetic means and the second input value and taking the output of the functional processing means as the data conversion value. CONSTITUTION:A first arithmetic means 1 for arithmetic processing first and second input values and a functional processing means 2 for functional processing between the output of the first arithmetic means 1 and the second input value are provided. The arithmetic processing first and second input values is performed in the first arithmetic means 1. An arbitrary function is used to perform the functional processing between the second input value used in the first arithmetic means 1 and the output of the first arithmetic means 1 in the functional processing means 2, and the output of the functional processing means 2 is the data conversion value to be obtained. Thus, the conversion key is not easily analyzed even if data before and after data conversion are leaked.

Description

[Detailed Description of the Invention] [Objective of the Invention] (Industrial Application Field) The present invention converts data in advance according to a common value, and the converted value can be used in various processing devices, and can be used as needed. This invention relates to a data conversion method that can reversely transform and restore data that has been converted using a common value.

(Prior Art) As various tasks in society become computerized, maintaining the confidentiality of computerized messages becomes increasingly important. In recent years, a data conversion method (hereinafter referred to as an encryption method) has been actively discussed as a means of protecting such highly confidential data from unauthorized access. Ciphers are classified into several types based on their characteristics, and among them, block-type conventional ciphers, which are particularly closely related to the present invention, will be described. A typical cipher belonging to this category is, for example, the DES system in the United States. A typical use of block-type conventional ciphers is to prevent leakage of messages to third parties in digital data communications. FIG. 7 shows this block diagram. In this case, the sender and receiver of digital data have key data K in common in advance as information common to both parties.

K is data of a constant size. In this DES system, 56-bit data is used as K. In conventional cryptography, data confidentiality is maintained by keeping K secret from third parties. When performing encrypted communication using a conventional cipher, the sender first divides the digital data M to be sent into input block lengths for the encryption procedure, and converts each block according to K using the encryptor 13. to obtain ciphertext C. The cryptographic algorithm is designed such that it is difficult to recover the original data from the result of this conversion without knowing Kt.

Therefore, even if the ciphertext C flowing through the communication line is intercepted, a third party who does not know K will not be able to tell what the original data is.

On the other hand, a valid receiver who knows K can know the data M from the sender using C, the decoding procedure, and KK.

In addition to the use of such data conversion, conventional cryptography can also be used to verify whether or not the communication partner is a legitimate partner (referred to as partner authentication). Next, a method that makes it possible to authenticate the other party will be explained with reference to FIG. In this case as well, the ninth conversion key K used for authentication is shared in advance between the authenticating subject and the authenticated person. When authenticating, first a random number R is sent from the subject to the person to be authenticated. The person to be authenticated converts the random number R using the data converter 8, creates a converted sentence, and returns this to the subject. The subject converts the data using the data converter 6 using the random number R and the conversion key K, creates a converted sentence 2, and converts the converted sentence 1.
and Converted Sentence 2 are compared by the comparator 7, and if they match, it means that the other party has been confirmed.

As an example of data conversion, we have described secret communication and other party authentication, which are typical uses of conventional encryption, but in both cases it is assumed that the encryption algorithm is sufficiently secure. That is, it is conceivable that a malicious third party trying to break into the system may attack the cryptographic algorithm by some means, but the cryptographic algorithm used must be able to avoid such attacks.

For example, as a necessary condition for a cryptographic algorithm, it is important that it be difficult to derive a key from a pair of plaintext and ciphertext. This is because in normal communication, a specific message is often sent at the beginning or end of the communication. The pair of data and transformed data can be estimated to some extent. As a result, if even the key information K is inferred, the security of the entire system will be affected. On the other hand, the situation is even more serious when it comes to the mechanism of peer authentication. This is because if the other party is verified using a simple protocol, plain text and corresponding converted data are transmitted over a communication line. If the key information K used for authentication can be estimated by using this information, this protocol cannot be used for peer authentication. Based on the above, the cryptographic algorithms used for these purposes must be computationally difficult to estimate the conversion key used for data conversion even if the pair of data and converted data is known. It is a condition. Here, computationally difficult means that it is difficult to obtain the conversion key K within a practical amount of time even if a high-speed computer is used.

(Problem to be solved by the invention) As stated above, conventionally, when converting data,
Since data conversion is performed using a conversion key, if the pair of data before and after conversion by the converter is leaked, this −
There was a problem in that there was a high probability that the conversion key would be analyzed from the set of data.

The present invention has been made in view of this point, and it is an object of the present invention to provide a data conversion method in which the conversion key cannot be easily analyzed even if data before and after data conversion are leaked. It is.

[Structure of the invention]

(Means for Solving the Problem) In order to achieve the above object, the present invention provides a data conversion method in which an input value of gl and a second input value are processed to obtain one data anomalous value. the first input value and the second
and a function processing means for performing a function process on the output of the Ml calculation means and a second input value. The present invention is characterized in that the output is the data conversion value.

(Operation) One data conversion value is obtained by processing the first input value and the second input value, and the first
and the second input value. The second input value used in the Ml calculation means and the output of the first calculation means are processed by a function processing means using an arbitrary function.

The output of this function processing means becomes the data conversion value to be obtained by the data conversion method.

Therefore, in this data conversion method, even if the finally determined output value and the first input value are leaked, the second input value can be analyzed and K<< is possible.

(Example) An example of the present invention will be described below with reference to the drawings. In the following description, an encryption method, which is an example of a data conversion method, will be described. Note that the encryption algorithm is expressed as C, . . . E(K, M). This means that the encrypted text C is obtained by encrypting the encryption target text M using the encryption key KK. Similarly, the decoding transformation will be expressed as M=D(K,C). This means that the encrypted text C can be decrypted using the encryption key KK to obtain the encrypted text M.

First, an embodiment of the present invention shown in FIG. 1 will be described next. For example, input value 1, which is the text to be encrypted M, and input value 2, which is, for example, the encryption key, are combined by the first calculation unit 1 through processing such as addition. This output is input to the function processing section 2. Input value 2 is also input to function processing section 2 .

The output of the first calculation unit 1 and the input value 2 are as follows:
A function processing unit 2 performs function processing and outputs a data conversion value, for example, a cryptographic value. - For example, input value 1, input value 2, and the cryptographic values encrypted from them are binary data. In addition, within the first calculation section 1, as shown in FIG. It is designed to be input to the processing section 2. This first calculation unit 1
As other embodiments, nine configurations shown in FIGS. 4 and 5 are also conceivable. In the configuration shown in FIG. Here, remainder calculation processing is performed and output to the function processing section 2. In the configuration shown in FIG. 5, input value 1 and input value 2 are multiplied by multiplier 11 in first arithmetic unit 1, and the result is input to remainder calculator 12. The remainder calculator 12 performs remainder calculation processing in the same way as the remainder calculator 10 in FIG. 4, and outputs the result to the function processing section 2. These processes can be expressed as follows.

y=(M+x) modz”−・−・−(1) or MIl=(M+K) modz”−−−−−・・−
(2) Equation (1) is a second representation of the processing of the configuration shown in FIG. Note that M is a value input to the function processing section 2.

Equation (2) is a good equation that expresses the processing of the configuration shown in FIG. Similarly to V, Mll also has function processing unit 2.
This is the value entered in .

As described above, the processing of the first arithmetic unit 1 and the function processing unit 2 can be expressed as equations (3) and (41).

So=M■K (3) As shown in equation (3)K, V is found by taking the exclusive OR of the encryption target text M and the encryption key.

C';Ff(K,M') ・・・・・・・・・(
4) As shown in equation (4), Ml is encrypted using algorithm E using encryption key K to find the encrypted value CI. If the cryptographic value CI is determined, even if the encryption key Kl is determined for algorithm B4C when the pair of the ciphertext and the text to be encrypted is known, depending on the method, M, C' to K It becomes difficult to detect. This is because we only know about the relationship in equation (4), and there is no way to know about equation (3). C
Since I only have I, I cannot know K.

In the above explanation, what algorithm E is is not particularly defined. However, when the encryption process is applied to the present invention, any conventional block-type cipher may be used. In addition, in the synthesis method as one of the calculation means for the encryption target text M and the encryption key,
In equation (3), bitwise exclusive OR is used, but various other synthesis methods may also be used. However, it must be possible to send the ciphertext to the other party and decrypt it. Therefore, as a method for regenerating M, there must be an inverse transformation of the synthesis method. In the case of Equation (3) 1, M can be derived from M and K by K as follows.

M=M'OK (37) In the case of secret communication, the decryption process on the other party's side is as shown in Figure 2. Inverse function processing is performed using the inverse function corresponding to the function of the function processing unit 2 shown in the figure, and this output is inputted to the second calculation unit 5.In the second calculation unit 5, the encryption side Input value 1 can be calculated using input value 2, which both the decoding side and the decoding side have in common.Accordingly, the information of input value 1 can be obtained on the decoding side.

As mentioned above, this data conversion method has been explained by applying it to a combination of encryption and decryption, but it can also be applied only to encryption, and it can also be applied to just converting data without worrying about encryption. It can also be applied to those who

〔Effect of the invention〕

As described above, according to the present invention, even if the pair of data before and after data conversion, that is, the first input value and the data conversion value, are known to a third party, the second input value, which is a conversion key etc.
Even if some or all of the input values are analyzed, if the first input value is converted into data using a combination of calculation means and function processing means. The probability that the transformation key will be resolved is much lower. In other words, it is possible to provide a method that makes it difficult for a third party to analyze encryption, which is typical of conventional data conversion methods.

[Brief explanation of drawings]

FIG. 1 is a diagram showing one embodiment of the present invention, FIG. 2 is a diagram showing another embodiment of the present invention, and FIG. 3 is a diagram showing a first embodiment of the present invention.
FIG. 4 is a diagram showing an example of the calculation means of the present invention.
FIG. 5 is a diagram showing still another example of the first calculating means of the present invention, and FIG. 6 is a diagram showing an example using the method of the present invention. FIG. 7 shows a conventional example. 1... First calculation unit, 2... Function processing unit, 4...
Inverse function processing section, 5... second calculation section. 1st figure 2nd figure 3rd figure 3rd figure 3rd figure 1st figure 2nd figure 3rd figure 3rd figure 3rd figure

Claims (3)

[Claims] (1) In a data conversion method in which a first input value and a second input value are arithmetic-processed to obtain one data conversion value, the first input value and the second input value are arithmetic-processed. and a function processing means for performing a function process on the output of the first calculation means and the second input value, and converting the output of the function processing means into the data conversion value. A data conversion method characterized by: (2) The data conversion method according to claim 1, wherein the first calculation means is a block cipher calculation, the first input value is an encryption target value, and the second input value is an encryption key. (3) In the data conversion method for receiving the data conversion value and obtaining the first input value, an inverse function processing means that performs an inverse function process on the output value and the second input value corresponding to the function process; , and second calculation means for calculating the first input value from the output of the inverse function processing means using the second input value. .