JPH0749655A - Facsimile adapter device with built-in cipher function - Google Patents

Abstract

PURPOSE:To eliminate a previous arrangement and the control of a cipher key by inputting the identification data of the other party adapter from the information of preliminary communication, generating the cipher key and ciphering (deciphering). CONSTITUTION:At the time of transmission, first of all, the other party identification data (r) is extracted from the information of the preliminary communication by an identification data recognition means N to be sent to a key generation means L. Transmission image information (a) is sent from a ciphering switch means J to a cipher processing means B at the time of transmitting a cipher, and is ciphered using a key (k) generated from the identification data (r) by the key generation means L. By a control means (e), the ciphered information is converted to facsimile transmission information (p) to be sent to a line. At the time of reception, the identification data (r) of the other party adapter is extracted from the information of the preliminary communication similarly. By the control means C, reception image information (g) is extracted from reception facsimile information (q), and is sent from a deciphering switch means K to the cipher processing means B at the time of receiving a cipher sentence, and is deciphered by the key (k) generated from the identification data (r) by the key generation means L. Then, the cipher sentence is sent to a transmission means D, and is printed and outputted by a connected facsimile device.

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a facsimile adapter device having a built-in encryption function.

[0002]

2. Description of the Related Art A facsimile adapter device with a built-in encryption function, which is installed between a facsimile device and a line, performs facsimile transmission with a built-in encryption function, decrypts it with a device at the receiving end, restores the original image, and prints it out from a connected facsimile device. Has been commercialized.

[0003]

DISCLOSURE OF THE INVENTION Problems to be Solved by the Invention In communication of a facsimile adapter with a built-in encryption function, it is necessary to discuss the encryption key so that only a specific person can decrypt it. Needed management.

[0004]

According to the present invention, encryption is performed only by inputting an identifier recognition means for recognizing an identifier set in information sent by preliminary communication and an identifier of an arbitrary entity (person, device, etc.). Based on the theory of a key sharing cryptosystem (hereinafter, referred to as KPS) for generating a key, a key generation unit and an encryption processing unit are configured by hardware or software and built in, and preliminary communication is performed when performing facsimile communication. By inputting the identifier of the partner adapter from the information of and generating an encryption key and performing encryption (decryption), it is not necessary to discuss and manage the encryption key, and only a specific partner adapter can decrypt. We have realized a facsimile adapter device with a built-in encryption function. Further, since a plurality of users owns an external device having a key generation means and / or an encryption processing means independently, each user can manage and operate the key by himself / herself. By incorporating the secret algorithm, a facsimile adapter device with a built-in encryption function according to the present invention has been realized which allows a plurality of users to share one facsimile adapter device with a built-in encryption function.

[0005]

FIG. 1 is a diagram showing an embodiment of a facsimile adapter device with a built-in encryption function according to claim 1 of the present invention. A facsimile adapter device with a built-in encryption function (hereinafter referred to as this device) receives a transmission image information from a connected facsimile device, receives means A for a facsimile device, and encrypts image information or decrypts encrypted image information. Cryptographic processing means B, control means C for performing various controls, facsimile device transmission means D for sending the received image information or the decrypted image information to a connected facsimile device, and operation means for the user to control this machine. E, line transmitting means H for sending data to the line, line receiving means I for receiving data from the line, encryption switching means J for performing encryption switching during transmission, decryption switching means K for performing decryption switching during reception And a key generation means L for generating an encryption key and an identifier recognition means N for recognizing the identifier of the partner adapter from the information of the preliminary communication.

[0006] Here, a KPS will be described in which a key unique to oneself and an arbitrary entity is generated without the need for a meeting or delivery of an encryption key (key) by a third party. The term "entity" generally refers to a person or device that is a party in communication, but here includes a human being, a document drawing, a device, and a system having those components.

The entity i has a public identifier that is semi-fixedly used and is arbitrarily determined, and this is an identifier Yi, and this is subjected to an identifier conversion F that performs one-way random injection. Is Zi (Formula 1). The special algorithm (data) G that only the center has, and the Z
i is calculated to generate a secret algorithm (data) Xi (Equation 2) unique to the entity i.

## EQU1 ## Zi = F (Yi)

## EQU00002 ## Xi = G (Zi) The entity i is Zj which is the identifier Yj of the entity j converted to the secret algorithm Xi, and is operated (Equation 3) to perform common encryption with the entity j. The key kij can be generated. Further, Zi obtained by converting the identifier Yi of the entity i into the secret algorithm Xj of the entity j can be input and operated (Equation 4) to generate the key kji, which is equal to the above kij (Equation 5). The contents encrypted by the entity i with the encryption key kij can be decrypted by the entity j.

## EQU00003 ## kij = Xi (Zj)

## EQU00004 ## kji = Xj (Zi)

## EQU5 ## Theoretical details of kij = kji = k KPS are described in Documents 1 to 5 and the like.

Encryption and decryption using the present apparatus of FIG. 1 will be described. At the time of facsimile transmission, the identifier recognizing means N extracts the information r previously determined as the identifier of the other party from the information sent by the preliminary communication first, sends it to the key generating means L, and the receiving means A for the facsimile machine receives it. The transmitted image information a is sent to the encryption switching means J, and the control information f sent from the control means C here is passed to the control means C as plaintext transmission image information e at the time of plaintext transmission, and the plaintext image at the time of cipher transmission. The information b is passed to the cryptographic processing means B. Here, the encryption processing means B uses the key k generated by the key generation means L from the input identifier r, and the plaintext image information b
Is encrypted and passed to the control means C as encrypted transmission image information d. The control means C converts the encrypted transmission image information d or the plaintext transmission image information e into facsimile transmission information p, passes it to the line transmission means H, and sends it to the line. At the time of facsimile reception, the identifier recognizing means N extracts the identifier r of the partner adapter from the information similarly sent by the preliminary communication, and the key generating means L.
Then, the control means C extracts the received image information g from the received facsimile information q received by the line receiving means I and passes it to the decoding switching means K together with the control information m. The decryption switching means K passes the received image information g as the print image information j to the facsimile device transmission means D according to the control information m from the control means C when the plaintext is received, and the received image information g when the ciphertext is received. To the cryptographic processing means B as the received cryptographic image information h, where the key generation means L sends the key k generated from the input identifier r to the cryptographic processing means B for decryption, and the decrypted image information for printing i Is sent to the transmission means D for the facsimile machine, and the connected facsimile machine prints out.

FIG. 2 is a diagram showing an embodiment of the encryption processing means B and its operation. In this embodiment, the encryption means 2
B and the decoding means 2C are independent, and each means is a control means C.
Based on the encryption / decryption setting information c from 1), either one is controlled by the encryption / decryption setting means 2A to function. The key k generated by the key generation means L is the encryption means 2B.
Alternatively, it is sent to the decryption means 2C and, when encrypted, the encryption means 2
B uses the key k to encrypt the plaintext image information b and outputs it as the encrypted transmission image information d, and at the time of decryption, the decryption means 2C decrypts the encrypted reception image information h using this key k to decrypt for printing. Output as image information i. Here, the encryption means 2
B and the decryption means 2C can be not only independent configurations as in the embodiment but also one configuration as an encryption / decryption means. Specifically, it may be an algorithm such as DES or FEAL, or an encryption algorithm suitable for facsimile communication. Anything is fine.

The key generating means L for inputting the identifier r and generating an encryption key is constructed as shown in FIG. It is composed of an identifier converting means 3A including the above-mentioned identifier converting F, a secret algorithm storing means 3B for storing the secret algorithm Xi, and a computing means 3C for generating an encryption key from them.
This can be configured by hardware such as an IC chip or software including a program.

FIG. 4 is a diagram showing an embodiment of claim 2 of the present invention. In the figure, A to E and H to L are the same as in FIG. This device uses a key generation means L through an interface P.
Connect to an external device Q with a built-in q to generate a key
Let's do it in. The identifier r of the partner adapter recognized from the preliminary communication is sent from the control means C via the interface P to the key generation means Lq in the external device Q, where the key u is generated and the interface u of the device via the interface P is generated. It is sent to the cryptographic processing means B. Using this key u, the plaintext image information b is encrypted or the encrypted received image information h is decrypted. External device Q
FIG. 41 shows an embodiment in which the key generation means Lq and the cryptographic processing means Bq are incorporated. At the time of encryption, the plaintext image information b sent to the external device is the encryption processing means Bq built in the external device.
Is encrypted and output as image information d for encrypted transmission,
At the time of decryption, the received encrypted image information h sent to the external device is decrypted by the encryption processing means Bq and output as decrypted image information i.

FIG. 5 is a diagram showing an embodiment and operation of the key generation means L in claim 3 of the present invention. The identifier converting means 5A, the calculating means 5E, a plurality of secret algorithm storing means and a secret algorithm switching means 5D for switching the secret algorithm storing means 5A, the secret algorithm storing means A of 5B and the secret algorithm storing means of 5C are plural secret algorithm storing means. The secret algorithm switching means 5D performs switching so that one of them is selected by the control information s input from the control means C in FIG.

[0013]

The present invention has realized a facsimile adapter device with a built-in cryptographic function, which is provided with an identifier recognition means, a key generation means, and a cryptographic processing means, and which eliminates the need for meeting and management of cryptographic keys. Furthermore, multiple entities own their own external devices that have their own key generation means, allowing each entity to manage and operate their own keys, and by incorporating multiple secret algorithms. A single device according to the present invention can be shared by a plurality of users as their own facsimile adapter device with a built-in encryption function, and the identifier can be set easily by using the telephone number as the identifier.

[Brief description of drawings]

FIG. 1 is a diagram for explaining one embodiment of claim 1 of the present invention and its operation.

FIG. 2 is a diagram showing an embodiment of an encryption processing means and its operation.

FIG. 3 is a diagram illustrating an example of a key generation unit and its operation.

FIG. 4 is a diagram for explaining one embodiment of claim 2 of the present invention and its operation.

FIG. 41 is a diagram showing an embodiment of an external device incorporating a key generating means and a cryptographic processing means.

FIG. 5 is a diagram showing an embodiment and operation of a key generation means according to claim 3 of the present invention.

[Explanation of symbols]

A Facsimile device receiving means B Cryptographic processing means Bq Cryptographic processing means in an external device C Control means D Facsimile device transmitting means E Operating means H Line transmitting means I Line receiving means J Encryption switching means K Decryption switching means L Key generation means Lq Key generation means in external device P interface Q External device 2A Encryption / decryption setting means 2B Encryption means 2C Decryption means 3A Identifier conversion means 3B Secret algorithm storage means 3C Calculation means 5A Identifier conversion means 5B Secret algorithm storage Means A 5C Secret algorithm storage means B 5D Secret algorithm switching means 5E Computing means a Image information b Plaintext image information c Encryption / decryption setting information d Encryption transmission image information e Plaintext transmission image information f Between control means and encryption switching means Control information g Received image information h Cryptographic reception Image information i Decoded image information for printing j Plaintext image information for printing k Encryption key m Control information between control means and decryption switching means n Control information between control means and transmission means for facsimile machine o Control means and reception means for facsimile machine Control information between p p Sending facsimile information q Receiving facsimile information r Identifier s Control information between control means and key generation means t Control information between control means and storage means u Encryption key generated by key generation means in an external device

[Reference 1] Tsutomu Matsumoto, Hideki Imai, "Third Key Agreement",
Proceedings of 1986 Cryptography and Information Security Workshop, August 1986.

[Reference 2] Tsutomu Matsumoto, Hideki Imai, "Simple encryption key sharing method", IEICE Journal IT86-54, P-29 ~ 3
4, September 1986.

[Reference 3] Tsutomu Matsumoto, Hideki Imai, "One Method of Key Pre-Distribution System"("KEY PRE
DISTRIBUSION SYSTEM BASED
ON LINEAR ALGEBRA "), 9th Information Theory and Its Application Symposium, SITA'86, 19
October 1986.

[Reference 4] Tsutomu Matsumoto, Hideki Imai, "Applying the Key Pre-Distribution System To Electrinic Mail and Signature", Information Theory and its Application Symposium, SITA'87, 198
November 7th. (Tsutomu MATSUMOTO
and Hideki IMAI, "Applying
the Predistribution System
emto Electron Mails and
Signatures ”, SITA'87, NO
V. , 1987. )

[Reference 5] Tsutomu Matsumoto, Hideki Imai, "Performance of Linear Scheme for the Key Pre-tribution System", IEICE Information Security Technical Report, May 20, 1989. (TSut
omu MATSUMOTO and Hideki
IMAI, "Performance of line
ar shemes forthe Key Pre
distribution system ", IEIC
E Tcchnical report on Inf
orientation Security, May 20,
1988. )

─────────────────────────────────────────────────── ───

[Procedure amendment]

[Submission date] April 5, 1994

[Procedure Amendment 1]

[Document name to be amended] Statement

[Correction target item name] 0011

[Correction method] Change

[Correction content]

FIG. 4 is a diagram showing an embodiment of claim 2 of the present invention. In the figure, A to E and H to L are the same as in FIG. This device uses a key generation means L through an interface P.
Connect to an external device Q with a built-in q to generate a key
Let's do it in. The identifier r of the partner adapter recognized from the preliminary communication is sent from the control means C via the interface P to the key generation means Lq in the external device Q, where the key u is generated and the interface u of the device via the interface P is generated. It is sent to the cryptographic processing means B. Using this key u, the plaintext image information b is encrypted or the encrypted received image information h is decrypted. External device Q
FIG. 5 shows an embodiment in which the key generation means Lq and the cryptographic processing means Bq are incorporated. At the time of encryption, the plaintext image information b sent to the external device is encrypted by the encryption processing means Bq incorporated in the external device and output as the image information d for encryption transmission, and at the time of decryption it is sent to the external device. The received encrypted image information h is decrypted by the encryption processing means Bq and output as decrypted image information i.

[Procedure Amendment 2]

[Document name to be amended] Statement

[Correction target item name] 0012

[Correction method] Change

[Correction content]

FIG . 6 is a diagram showing an embodiment and operation of the key generation means L according to claim 3 of the present invention. The identifier converting means 5A, the calculating means 5E, a plurality of secret algorithm storing means and a secret algorithm switching means 5D for switching the secret algorithm storing means 5A, the secret algorithm storing means A of 5B and the secret algorithm storing means of 5C are plural secret algorithm storing means. The secret algorithm switching means 5D performs switching so that one of them is selected by the control information s input from the control means C in FIG.

[Procedure 3]

[Document name to be amended] Statement

[Name of item to be corrected] Brief description of the drawing

[Correction method] Change

[Correction content]

[Brief description of drawings]

FIG. 1 is a diagram for explaining one embodiment of claim 1 of the present invention and its operation.

FIG. 2 is a diagram showing an embodiment of an encryption processing means and its operation.

FIG. 3 is a diagram illustrating an example of a key generation unit and its operation.

FIG. 4 is a diagram for explaining one embodiment of claim 2 of the present invention and its operation.

FIG. 5 is a diagram showing an embodiment of an external device incorporating a key generation means and a cryptographic processing means.

FIG. 6 is a diagram showing an embodiment and operation of a key generation means according to claim 3 of the present invention.

[Procedure amendment 4]

[Document name to be corrected] Drawing

[Correction target item name] All drawings

[Correction method] Change

[Correction content]

[Figure 1]

[Figure 3]

[Fig. 2]

[Figure 5]

[Figure 6]

[Figure 4]

─────────────────────────────────────────────────── ─── Continuation of the front page (51) Int.Cl. ⁶ Identification code Office reference number FI technical display location H04N 1/00 7232-5C

Claims (4)

[Claims] 1. Installed between a facsimile machine and a line,
Predetermined information set in the information transmitted by the preliminary communication is used as an identifier of the facsimile adapter device with built-in encryption function (this device) according to the present invention, and only the center (administrator) has the identifier recognition means. A special algorithm (data) and the above-mentioned identifier that has undergone unidirectional and random injective identifier conversion are operated to generate and store a secret algorithm unique to each device, and encryption is performed. / When performing decryption, by calculating the identifier of the other device of the other party recognized by the identifier recognizing means from the information set in the preliminary communication and performing the secret algorithm, The key generation means and the encryption processing means for generating a key (encryption key) unique to the present device and an arbitrary device of the other party without requiring a meeting or delivery by a third party are further provided. Using the key generated by the means, the cryptographic functions built facsimile adapter apparatus which is characterized in that the encryption / decryption of the image information in the encryption processing unit. 2. It is also possible to connect an external device incorporating the key generation means and / or the encryption processing means and perform encryption / decryption using an encryption key generated in the external device. The facsimile adapter device with a built-in encryption function according to claim 1. 3. The facsimile adapter apparatus with a built-in encryption function according to claim 1, wherein a plurality of the secret algorithms are built in. 4. The facsimile adapter device with a built-in encryption function according to claim 1, wherein the identifier is a telephone number.